search

GlobalPlatform / WebApis-for-SE

Open source Apis to access a Secure Element from a Web application
Apache License 2.0
18 stars 5 forks source link

Granularity of Error Responses #54

Closed hchavers closed 8 years ago

hchavers commented 8 years ago

Comments from Trusted Computing Group - Item # 35

Section: SESecurityException

Comment: There should be more granularity in the error response.

Proposed Resolution: What types of mismatch occurred? Insufficient privilege? Is an unknown object a security exception or an IO exception?

opoto commented 8 years ago

SESecurityException is raised when access conditions are not met. The application should not be informed about those access conditions, this would unnecessarily leak security related information.