Closed zolkis closed 6 years ago
Discussed:
Ex: a burglar could fake a "broken camera" by spoofing a destroy message.
In the scripting issue, a solution has been explained. However, we still need to review that proposed solution from a security point of view.
Proposed solution in scripting is to use TD change notification to send an observe event of a certain type to other things that have registered to receive such events.
If this is done, then destroy notifications are as secure as TD change notifications themselves. So the real question is: how is security/authentication etc. handled for TD change notifications? Just like access to the TD in the first place, we want to be able to support appropriate security (authentication and authorization) mechanisms.
Superseded by https://github.com/w3c/wot-security/issues/100
Tracking security connotations of Scripting issue 114.