Re: Charter and the NetFlix UC from David Dahl on 2012-02-17 (public-identity@w3.org from February 2012)

From: David Dahl <ddahl@mozilla.com>
Date: Fri, 17 Feb 2012 12:13:29 -0800 (PST)
To: Ron Garret <ron@flownet.com>
Cc: public-identity@w3.org, Anders Rundgren <anders.rundgren@telia.com>
Message-ID: <2135608731.10998172.1329509609582.JavaMail.root@zimbra1.shared.sjc1.mozilla.com>

Also, the current (incomplete) draft spec for DOMCrypt is here: 

https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Here is the sign and verify interface:

interface CryptoSign {
  void sign(ArrayBuffer keyID, ArrayBuffer plainText, PKSignCallback callback);
  void verify(ArrayBuffer signature, ArrayBuffer pubKey, ArrayBuffer plainText, PKVerifyCallback callback);
};

The browser stores your signing keys outside the reach of the unprivileged content DOM, you only have to provide the ID of the keypair. This discussion is useful as I have not specified an additional method that will be needed: 

void GenerateSignatureKeyPair(long aAlgorithm, CSGenerateKeyPairCallback callback); // the callback is handed a keyID and publicKey

The thinking right now is that this API is bound by the same-origin policy. Which I think makes sense in order to control the scope. I am not too worried about incompatibility with older, onerous standards that are not in widespread use anyway. Perhaps I am naive? No, I know am naive, that is the only way I could have proposed this API:)

Regards,

David

----- Original Message -----
> From: "Ron Garret" <ron@flownet.com>
> To: "Anders Rundgren" <anders.rundgren@telia.com>
> Cc: public-identity@w3.org
> Sent: Friday, February 17, 2012 1:35:10 PM
> Subject: Re: Charter and the NetFlix UC
> 
> 
> On Feb 17, 2012, at 11:15 AM, Anders Rundgren wrote:
> 
> > On 2012-02-17 20:00, Ron Garret wrote:
> >> 
> > <snip>
> >> It is possible that the solution to all our problems is simply to
> >> document signText.
> > 
> > I just mentioned that there are a bunch of "standards" out there
> > already.
> 
> And what does the existence of "a bunch of standards" have to do with
> what is wrong with signText?
> 
> > If I were to create a standard I would begin with researching these
> > to see
> > if there is something worth stealing :-)
> 
> So, did you?  Is there?
> 
> > https://github.com/daviddahl/domcrypt/blob/master/demos/demo.js#L47
> 
> All I see is a bunch of uncommented Javascript code.  How that is
> intended to address the issue that signText is undocumented I do not
> understand.  I might be able to back out an API by
> reverse-engineering this code, but that would be missing the point
> rather badly.
> 
> > I don't know how window.mozCipher.pk.sign works but signText(v1996)
> > uses X.509
> > certificates which I believe what is generally requested.
> 
> Personally, I think X.509 is part of the problem, not the solution.
>  But that is a different issue altogether.
> 
> rg
> 
> 
>

Received on Friday, 17 February 2012 20:14:00 UTC