
Re: Call for Adoption: Encrypted Content Encoding

From: Cory Benfield <cory@lukasa.co.uk>
Date: Fri, 4 Dec 2015 10:53:35 +0000
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <4B133AB2-E58C-4C2D-B565-F131E9058BFC@lukasa.co.uk>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>, Mike Bishop <Michael.Bishop@microsoft.com>, grahame@healthintersections.com.au

> On 4 Dec 2015, at 06:48, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> 
> --------
> In message <CY1PR03MB1374F4624E72D157F1F4FF48870D0@CY1PR03MB1374.namprd03.prod.outlook.com>, Mike Bishop writes:
> 
> If I haven't done so before:
> 
> +1 because this is what encryption sensibly should look like to stand a
> fair chance of being acceptable to modern societies.

(Replying to Poul-Henning, but this is a question for Mike and Grahame as well):

Earlier in this thread I raised a concern I have about the way this draft accesses keys. In particular, it does not appear to specify any requirement that keys be tied to specific origins or in some way limited in scope: a conforming implementation would be able to have a single global registry of keys that can be used to decrypt content coming from anywhere.

I believe this represents a security risk and should either be addressed in Section 6, or this draft should be accompanied by another that specifies key management in this case.

Can you elaborate on whether you believe my concern is valid or not? If not, why not? If yes, it would be helpful to hear that from you so that I don’t think I’m losing my mind.

Cory
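
[Added example, not part of the original message and not code from the draft or its authors.] The difference between a single global key registry and keys limited in scope to an origin, as raised above, can be sketched as follows. It assumes keys are selected by an identifier carried with the response; the class names, `key_id`, and the example.test URLs are hypothetical.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def origin_of(url):
    """Return the (scheme, host, port) origin tuple for an http(s) URL."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"no usable origin in {url!r}")
    # An absent port means the scheme default, so https://h and https://h:443 match.
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname, port)  # hostname is already lower-cased

class GlobalKeyRegistry:
    """One table for all keys: the source of the response plays no part."""
    def __init__(self):
        self._keys = {}

    def add(self, key_id, key):
        self._keys[key_id] = key

    def lookup(self, response_url, key_id):
        return self._keys.get(key_id)  # response_url is ignored

class OriginScopedKeyStore:
    """A key is registered for one origin and released only for that origin."""
    def __init__(self):
        self._keys = {}

    def add(self, url, key_id, key):
        self._keys[(origin_of(url), key_id)] = key

    def lookup(self, response_url, key_id):
        return self._keys.get((origin_of(response_url), key_id))

if __name__ == "__main__":
    key = bytes(16)  # constructed placeholder key material
    global_reg = GlobalKeyRegistry()
    global_reg.add("k1", key)
    scoped = OriginScopedKeyStore()
    scoped.add("https://app.example.test/", "k1", key)
    for url in ("https://app.example.test:443/doc",
                "https://other.example.test/doc",
                "http://app.example.test/doc"):
        print(url,
              "global:", global_reg.lookup(url, "k1") is not None,
              "scoped:", scoped.lookup(url, "k1") is not None)
```
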


Received on Friday, 4 December 2015 10:54:18 UTC
