RE: Using client certificates for signing

I'm convinced. Those prompts are useless. "Dear user. Would you like to <crypto blah blah blah> Y/N?" is in general a useless prompt. Users only understand in-context prompts like "Would you like to buy <FOO> from <merchant.com> for <$BAR>?" Having the browser ask the user a question about crypto is a guaranteed failure.

Perhaps I've misunderstood and you have some way to deliver an in-context prompt. Let's here that. But a generic crypto prompt is not going to happen.

-----Original Message-----
From: Mitar [mailto:mmitar@gmail.com] 
Sent: Tuesday, February 23, 2016 10:53 PM
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: public-webappsec@w3.org
Subject: Re: Using client certificates for signing

Hi!

On Mon, Feb 22, 2016 at 10:51 PM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>> But with web crypto, I think this position paper is really on point:
>>
>>
>> https://www.w3.org/2012/webcrypto/webcrypto-next-workshop/papers/Usin

>> g_the_W3C_WebCrypto_API_for_Document_Signing.html
>
> No, it has been rejected an IMO for good reasons:
> http://webpki.org/papers/permissions.pdf


I beg to differ. I checked the link you provided and I have not been convinced.

Even if user would be signing unknown content, the prompt would still be reasonable only in some contexts. If user would get the prompt in the unexpected context, it is easy to cancel it. If user is on the e-government website doing taxes, it can assume that they are signing trustworthy document. Without having to expose their keys in any way.
They already have to trust the website to some degree (that they will store the signature). Moreover, the signature made with the client-certificate can be independently verified.

The proposal that there could be a way to sign a form (is this so strange a requirement, you sign so many forms in real-world, why there could not be an element to sign a form?) browser could even display the content being signed.

Also, there could be a hook for browser extensions to intercept signing and do even extra check, render content in smart ways to display what exactly is being signed and so on. We could leave to the community to further improve signing experience.

> If you are looking for a short-term remedy, FIDO alliance, Server 
> signing, and Identity provider schemes appears to be your best bet.

I do not see how any of proposed alternatives provides this features?
How exactly would any of those allow one to use client-side certificates provided by the government?

> The signature laws have recently been "adjusted" to support server 
> signatures since the smart card based vision didn't really pan out.

And mostly because of the lack of support in browsers. Governments even managed to solve the problem of distributing the keys widely.

Can you please provide references to those changes in laws? I am really curious how they managed to describe viable alternatives.


Mitar

--
http://mitar.tnode.com/

https://twitter.com/mitar_m

Received on Wednesday, 24 February 2016 07:11:53 UTC