W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: The "korean bank" use-case

From: Richard L. Barnes <rbarnes@bbn.com>
Date: Mon, 28 Nov 2011 09:23:05 -0500
Cc: Anders Rundgren <anders.rundgren@telia.com>, channy@gmail.com, "public-identity@w3.org" <public-identity@w3.org>
Message-Id: <AA033D95-ED90-4AA7-8DE2-122CE7A67B78@bbn.com>
To: Mo McRoberts <Mo.McRoberts@bbc.co.uk>
>> AFAICT, this is essentially an improved version of Mozilla's current
>> JS crypto.  That's fine but IMO it doesn't support security HW
>> in a way that makes sense to a bank since there is no way you can
>> assure that keys are stored in HW or SW.
> 
> How can you •assure• that in the first place? Surely you’re always just taking the interface’s word for it, even if it claims to provide such guarantees?

Presumably, this is assured by the fact that the public key is accepted by the remote side?  If the private key is only held in an HSM / smart card, then any crypto operations with that private key are known to be performed within that HSM (assuming that you trust the HSM).  

--Richard
Received on Monday, 28 November 2011 14:23:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 28 November 2011 14:23:37 GMT