Javascript integrity concerns

Dear Members of the Web Crypto API Team!
  
Firstly, I am really pleased to read about the great achievements of the
Web Crypto API team, because it has the potential to eliminate most of the
widespread concerns with browser-based cryptography. I am also really
looking forward to the implementations in browsers.
  
However, as an amateur web developer I think there is one important
weakness of this API, which is as follows. Several "weekend developers" -
for example me - will start to use this API, serving their JavaScript code
from cheap, shared hosts. Even if they provide a web application over a
secure connection (https), they cannot guarantee that the integrity of the
served JavaScript files is not compromised by curious employees of the
hosting provider, or by attackers who gain access to these loosely protected
servers. In the meantime the above-mentioned developers - not knowing these
problems - would advertise their web application as super secure and might
claim that "customers can provide their most confidential data without
the risk of abuse". If users do provide their confidential data, curious
employees and attackers may feel much temptation to simply modify the
JavaScript code and gain access to the raw, unencrypted data.
  
So I think there should be some signature method to guarantee the
integrity of the JavaScript code, in the sense that the script downloaded
by the browser is the same as the one which was written by the developer,
and not the one on the host, because the latter may be broken.
  
I have been thinking about this problem for a long while, and concluded that
it cannot be solved without integrating a sanity check into the browser (or
into a plugin, which could be much more cumbersome).
  
However, I might be wrong, as I am only a weekend developer, and I am also
not sure whether this issue falls within the scope of the Web Crypto API.
Also, there may be as many as a thousand letters in the public mail archive
which I did not read through, so I am sorry if this is an already known or
solved problem, or a duplicate of an existing issue.
  
 Best regards, 
 Bence Ágg 
 http://suopte.com/en/
 bence@suopte.com
 

Received on Friday, 17 May 2013 10:18:28 UTC