W3C home > Mailing lists > Public > public-privacy@w3.org > April to June 2013

Head's up on Privacy Review for WebCrypto API and Key Discovery

From: Harry Halpin <hhalpin@w3.org>
Date: Mon, 27 May 2013 23:33:23 +0200
Message-ID: <51A3D123.9000407@w3.org>
To: Christine Runnegar <runnegar@isoc.org>, GALINDO Virginie <virginie.galindo@gemalto.com>, public-privacy@w3.org
Although its a bit early, we'd like to give a quick scheduling notice 
that we'd like a review of the Web Cryptography API spec and

These drafts are not quite ready to ship for a thorough review, expect 
that to happen in June - although we wanted to get on your schedule - as 
Christine alerted to use earlier how quickly it fills up.

Just quick head's up on some interesting issues as regards privacy:

1) Currently to avoid privacy problems in the Web Cryptography API [1] , 
the API stores and accesses keys using "structured clone" to give them 
the same lifetime guarantees as cookies. I.e. so users can "clear" them 
and prevent keys being equivalent to super-cookies, without binding the 
keys to any particular storage mechanism. Instead, we assume vendors 
will use the best-of-breed and so may even call out to OS key stores,  
but without user losing control.

2) Keys are set to be same origin, again following cookies. Private key 
material can be controlled by the domain if its set to extractable. 
Otherwise, all key operations use key handles. We hope this satisfies 
some privacy constraints. No mandatory user-interaction is currently 
specified for handling key generation/import/export.

3) There is nonetheless the need for discovering "pre-provisioned" keys 
for some use-cases, and this is currently in a separate document due to 
discussions around privacy called the "Web Discovery" document [2]. 
Again, no user-interaction is currently specified for pre-provisioned 
keys. One use-case has the keys stored in hardware, and there are 
currently discussions around keys that could be stored in software (for 
better authentication use-cases as needed in some e-commerce scenarios) 
or in removable hardware (eID use-cases).

Those interested in providing early feedback can cc 
public-webcrypto-comments@w3.org, but be aware the drafts may - and 
*will* - change. We hope to get you a stable version by June.


Received on Monday, 27 May 2013 21:33:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:55 UTC