Reworded security section about NDEF signature #518
Conversation
index.html
Outdated
| these, the NFC Forum introduced [[NDEF-SIGNATURE]]. | ||
| In order to protect the integrity and authenticity of NDEF messages, the NFC | ||
| Forum introduced [[NDEF-SIGNATURE]]. Signing NDEF records prevents malicious | ||
| use of NFC tags. |
There was a problem hiding this comment.
but it is also the other way around.
This sounds like you harden the tag instead, but it also allows the reader to only accept such hardened tags and thus hardens the reader as well
There was a problem hiding this comment.
That's not how I intended to be understood ;)
How would you rephrase it?
There was a problem hiding this comment.
I would remove "Signing NDEF records prevents malicious use of NFC tags."
That is inaccurate.
There was a problem hiding this comment.
I've removed it.
| @@ -4080,11 +4080,9 @@ <h3>Parsing content</h3> | |||
| <!-- - - - - - - - - - - - - Security and Privacy - - - - - - - - - - - - - --> | |||
| <section> <h2 id="security">Security and Privacy</h2> | |||
| <p> | |||
| NFC technology involves multiple levels of security. Payments done with NFC | |||
| are considered to be secure at hardware level, but the whole software stack | |||
| needs to be security hardened. | |||
There was a problem hiding this comment.
I would add a separate sentence, like
"As general security measure, the whole software stack needs to be security hardened".
And place where you think it adds most clarity/value.
There was a problem hiding this comment.
This seems obvious to me and not specific to Web NFC, don't you think?
There was a problem hiding this comment.
IIRC security reviewers insisted on stating the obvious :), but it's the editors' call, indeed.
There was a problem hiding this comment.
WDYT of ae9e547
|
We already take that data as untrusted. |
|
I'll let you update the explainer and I'll remove it. |
Preview | Diff