The identity icon selection dialog presents you with options for using a custom image for an identity, including images from remote sources.
Network Identity Manager uses WinHTTP to fetch resources via HTTP with these settings:
These settings are intended to minimize the set of features that are used and to avoid unexpected exposure of information. Fetching a remote resource through Network Identity Manager is similar to fetching a resource through any web browser and has similar associated risks.
Details about specifc methods that are available for specifying remote resources are given below:
When invoked, Network Identity Manager will attempt to fetch an image file from the specified URL using an HTTP GET request.
When invoked, Network Identity Manager will attempt to fetch the Favicon associated with the given domain or any parent domains. First, the Favicon for the given domain will be queried. If a Favicon is not found, then the Favicon for the www subdomain of the domain will be queried. If an icon is still not found, then the parent domains will be queried in the same manner until there is only one components left in the domain name.
For example: if the Favicon
This method is officially discouraged for fetching Favicons by the W3C as seen here. However it is used as an interim measure until full support for Favicons is implemented.
It is assumed that the images downloaded by Network Identity Manager using Gravatar.com are only used by the application for the purpose of identifying one or more identities.
When an email address is specified for the purpose of fetching the image associated with it on Gravatar.com, Network Identity Manager assembles a URL in accordance with the documentation and fetches 64x64 pixel Jpeg image. If there is no image associated with that email address, then the operation will fail. No default or autogenerated images will be used in thise case. Network Identity Manager does not attempt to validate the email address.
Network Identity Manager, MIT nor Secure-Endpoints are associated with Gravatar.com or Automattic.com.
As always, it is highly recommended that your computer be kept up-to-date with the latest security patches and software updates. Fetching images from the internet increases the attack surface of Network Identity Manager due to the use of following additional technologies to fetch and process images: