Re: WebCrypto namespace from Anders Rundgren on 2013-03-12 (public-webcrypto-comments@w3.org from March 2013)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Tue, 12 Mar 2013 07:07:23 +0100
To: noloader@gmail.com
CC: public-webcrypto-comments@w3.org
Message-ID: <513EC61B.9050804@telia.com>

On 2013-03-12 04:56, Jeffrey Walton wrote:
> Hi Ryan,
> 
> I was trying to find a way to help developers understand that some
> constructs are not as safe as others. For example, MD5 vs SHA or
> PKCS#1 Padding vs OAEP. I was thinking a namespace could be used to
> help make the distinction. For example, MD5 and PKCS#1 could be placed
> in an 'unsafe', 'weak', or 'interop' namespace. Within the
> documentation, you could offer a warning. The additional typing alone
> would probably be all the deterrent you need :)
> 
> Otherwise, developers will jump on the old band wagon they know even
> though WebCrypto has given them more secure or desirable options. Put
> another way, how do you help a developer or save a developer from
> himself/herself when he/she is under tremendous pressures to deliver
> (and may not have the time to research)?
> 
> Devil's advocate: how many developers will take the time to locate the
> paper "The Million Message Attack in 15 000 Messages" and understand
> the implications on a high volume web server?

This is an interesting topic.  The WG intends to address this is another
way by offering a high-level API where you have a method like encrypt
and the method select the _currently_ assumed secure way to do that.

Personally, I feel skeptical about the idea that people without
deeper knowledge of cryptography build large systems based on it.
It is typically not the actual method that is the culprit but how
you apply it in a protocol.  Since a JS-powered web is all about
client-server, cryptographic protocols is really what this API aims at.

Anders


> 
> Jeff
> 
> On Mon, Mar 11, 2013 at 11:00 PM, Ryan Sleevi <sleevi@google.com> wrote:
>> DOM APIs don't really have namespaces. The closest approximation is the fact
>> that the SubtleCrypto interface provides the low-level interface, as part of
>> window.crypto.subtle.
>>
>> Perhaps you had a different concept in mind? Note this is not a Constructor
>> pattern as seen in some non-DOM APIs (Most DOM APIs go in the global scope.)
>>
>> On Mar 11, 2013 7:53 PM, "Jeffrey Walton" <noloader@gmail.com> wrote:
>>>
>>> Hi All,
>>>
>>> Will WebCrypto be going into its own namespace?
>>>
>>> It does not appear to be discussed at
>>> https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html.
> 
>

Received on Tuesday, 12 March 2013 06:07:53 UTC