@elsiehupp

Presently the AppStream specification does not provide any means for protecting against malicious domain transfers of URLs specified in AppStream metadata.

For example, with the tag:

<url type="homepage">https://foo.bar</url>

There is no way for the recipient of the AppStream file to verify if the domain https://foo.bar is legitimately the website that the AppStream’s author intended to point to.

I’m not an expert on DNS, by any means, but my understanding from setting up a personal email server is that there is a standard—DNSSEC—for cryptographically signing DNS records.

If the AppStream specification were to designate syntax along the lines of the following:

<url type="homepage" pubkey="PUBLIC_KEY_STRING">https://foo.bar</url>

Then the recipient of a given AppStream file would have the means to verify the legitimacy of a given <url/> tag and act accordingly.

The specific XML syntax is an open question, as is the means of validating that syntax, but what I’m requesting here is the end goal, not the specific implementation.
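
One way a recipient could act on the proposed attribute, as an added example that is not part of the original post or of the AppStream project. It assumes `pubkey` holds a base64-encoded raw public key and that the caller supplies `observed_keys`, the keys it obtained for each host from a DNSSEC-validating resolver; `check_urls`, `observed_keys` and the sample values are hypothetical.

```python
import base64
import binascii
import hmac
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed key bytes standing in for a real public key.
KEY_A = b"constructed-key-A"

# Constructed metainfo using the proposed (non-standard) pubkey attribute.
SAMPLE = f"""<component>
  <url type="homepage" pubkey="{base64.b64encode(KEY_A).decode()}">https://foo.bar</url>
  <url type="bugtracker">https://foo.bar/issues</url>
  <url type="help" pubkey="not base64!">https://docs.foo.bar</url>
</component>"""


def check_urls(metainfo_xml, observed_keys):
    """Classify every <url> element by comparing its pinned key with the keys
    observed for its host.

    observed_keys maps hostname -> set of raw key bytes (assumed to come from
    DNSSEC-validated lookups done elsewhere). Returns {url type: status}.
    """
    results = {}
    for el in ET.fromstring(metainfo_xml).iter("url"):
        kind = el.get("type")
        host = urlsplit((el.text or "").strip()).hostname
        pinned = el.get("pubkey")
        if pinned is None:
            results[kind] = "unpinned"       # nothing to verify against
            continue
        try:
            pinned_raw = base64.b64decode(pinned, validate=True)
        except (binascii.Error, ValueError):
            results[kind] = "malformed-pin"  # treat as a failure, not as unpinned
            continue
        # A host with no observed key can never match, so it fails closed.
        keys = observed_keys.get(host, set())
        matched = any(hmac.compare_digest(pinned_raw, k) for k in keys)
        results[kind] = "match" if matched else "mismatch"
    return results


if __name__ == "__main__":
    print(check_urls(SAMPLE, {"foo.bar": {KEY_A}}))
```

A `mismatch` here is the domain-transfer case the request describes: the host now presents a key other than the one the metadata author pinned.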