Declarative Web Security presented at OWASP Appsec 2010
by Brandon Sterne (Mozilla Corp),
URL : http://www.owasp.org/index.php/Declarative_Web_Security
Summary : The Web faces a host of well-known but persistent threats: XSS, CSRF, MITM, Phishing, Clickjacking, etc. Developers are aware of the threats and mitigation strategies but the rates that the bugs are introduced and discovered in websites remains stable. Mozilla believes declarative security mechanisms hold promise for reliable attack mitigation.
Brandon Sterne: is the Security Program Manager at Mozilla Corporation where he helps drive Firefox security updates and designs and implements browser features to improve client and Web security.