Re: Rationale? Re: General objection regarding Web NFC from Wayne Carr on 2015-04-17 (public-web-nfc@w3.org from April 2015)

From: Wayne Carr <wayne.carr@linux.intel.com>
Date: Fri, 17 Apr 2015 08:45:12 -0700
To: Anders Rundgren <anders.rundgren.net@gmail.com>, "Web NFC (W3C)" <public-web-nfc@w3.org>
Message-ID: <55312A88.2030304@linux.intel.com>
On 2015-04-15 11:52, Anders Rundgren wrote:
> On 2015-04-15 19:56, Wayne Carr wrote:
>>
>>
>> On 2015-04-14 20:10, Anders Rundgren wrote:
>>> Hi Guys,
>>>
>>> Just in order to get this discussion in a better shape, would it be 
>>> possible
>>> getting a rationale for the fact that your work assumes that the 
>>> connecting
>>> client device is based on Web technology?
>>
>> I may not be understanding you.  This is the WorldWide Web 
>> Consortium.  It creates Web specs.  If it wasn't using Web 
>> technologies, we wouldn't be doing it here.
>
> Since the latter part of use-case 2
> "2. Support communication with active (powered devices such as readers,
>    phones) and passive (smart cards, tags, etc) devices"
> hardly is based on Web technology I find this statement contradictory.

I think this may be a matter of how you are parsing the sentence. It 
isn't communication between an active NFC device and a passive NFC 
device.  It's communication between a Web page and either kind of device.



>
> There can be no requirement that connecting mobile devices use 
> HTML5/JS-based clients to interact with Web NFC tags activated from 
> Web-pages, right?

Of course not.  But, if they're not then they are using some other spec, 
not this one.

 From the Charter: "The Community Group will be implemented on top of 
NFC implementations provided by the platform. Low level NFC 
specification is out of scope. "
Also from the Charter: "The scope of the Web Near Field Communications 
Community Group is limited to the development of APIs for Web page scripts"

>
> I.e. there are de-facto TWO projects in this CG sharing the same 
> document-set which leads to security considerations like:
> "Web apps installed from a store, or web pages installed to home screen
>     (with [MANIFEST]) may be considered trusted by the user agent"
> which has no counterparts in Android and iOS.
>
> To me the requesting and connecting side are quite different.

The document you are quoting from says: "This section is non-normative. 
Web pages using the NFC API are not trusted. This means that the user 
needs to be aware of exactly what a web page is intending to do with NFC 
at any given moment. Also, implementations SHOULD make sure that when 
the user authorizes an NFC operation, then only that action is run, 
without side effects, and exactly in the context and the number of times 
the user allows the execution of NFC operations. Web apps installed from 
a store, or web pages installed to home screen (with [MANIFEST]) MAY be 
considered trusted by the user agent. "

It's pointing out that there is a difference between a random untrusted 
web page and a trusted client application.  That seems useful to point 
out.  The NFC WG was for trusted applications.  This is a different 
group aimed at Web pages.  That is exactly like the Bluetooth API in the 
SysApps Working Group and the Bluetooth API in the Web Bluetooth 
Community Group.  In both cases, the WG was for trusted, installed 
applications and the CG was a completely different effort for the Web 
security model.

>
> Anders
>
>>
>>> It is clearly an omission from the charter and use-case documents.
>>
>> Are you saying that the charter doesn't make it clear this is about 
>> client side Web technology?
>>
>> From the Charter:
>>
>> "The Web Near Field Communication Community Group will define an API 
>> for Web page scripts to use the..."
>>
>> "The goal is to provide a Web NFC API that satisfies the most 
>> important use cases for NFC from Web pages."
>>
>> "The scope of the Web Near Field Communications Community Group is 
>> limited to the development of APIs for Web page scripts"
>>
>> "The APIs will be designed to permit execution in the Web browser 
>> context, using the security model of the Web."
>>
>> "The CG will define a Web NFC API specification, suitable for use 
>> from Web Browsers."
>>
>> If I'm understanding you, it seems you want to do something other 
>> than an NFC JavaScript API for Web Browsers and that you think that 
>> isn't useful or necessary.  Again, if I understand you, you would 
>> like a spec for discovery and message passing to native apps from Web 
>> pages and you think that would be a substitute for efforts like this 
>> group.
>>
>> That would be a different group, not this one.   It would be one 
>> about registering and exchanging messages with native code. There are 
>> other groups who could consider that: Web Applications Security WG, 
>> Web Applications WG, Trust & Permissions Community Group, Device API 
>> WG, or a new Community Group aimed at that particular topic.   This 
>> Community Group isn't for delivering general infrastructure like 
>> that.  It would be one of those groups or a separate group.
>>
>>>
>>> Cheers,
>>> Anders
>>>
>>> On 2015-04-14 13:41, Anders Rundgren wrote:
>>>> When I read issues like https://github.com/w3c/web-nfc/issues/16
>>>> I get the impression that you expect connecting clients to use 
>>>> Web-technology.
>>>>
>>>> IMO, this assumption will severely limit the value of Web NFC.
>>>> The only "standard" that's really lacking, is a way for untrusted 
>>>> Web-pages to interact with connecting client devices.
>>>> http://ipt.intel.com/Home/How-it-works/network-security-identity-management/ipt-with-near-field-communications 
>>>>
>>>>
>>>> How Web-based OSes expose NFC to the outer world should IMO be left 
>>>> to another forum to cater for including
>>>> security considerations.
>>>>
>>>> Cheers,
>>>> Anders
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>
Received on Friday, 17 April 2015 15:45:43 UTC