- From: Richard Barnes <rlb@ipv.sx>
- Date: Tue, 4 Feb 2014 07:42:21 -0800
- To: Matthew Tamayo <matthew@kryptnostic.com>
- Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Received on Tuesday, 4 February 2014 15:42:48 UTC
Hey Matthew, You're exactly right. The idea of the extractable attribute is that the key is safe from bad scripts after it's generated. If you think the spec is unclear, it would be really helpful if you could suggest some ways to clarify. Thanks, --Richard On Monday, February 3, 2014, Matthew Tamayo <matthew@kryptnostic.com> wrote: > A fellow developer point me at the Web Crypto API draft, when I was > looking into whether it would be possible to have the browser execute some > key generation process that would allow use of a secret key for encryption > / decryption, but would not allow that key to be extracted and sent > elsewhere with a Javascript call. I was wondering if the "Key.extractable" > property in section 11 was intended for that purpose. > > The specific scenario I am interested in is if a bad actor is able to > compromise a website to deliver bad JS that attempts to extract they keys > and send them to their own server, whenever a user visits what is otherwise > a functional and previously safe site. > > It would be very useful for a site to be able to generate a key, which is > could use via a handle like interface, but the site is unable to read the > contents of the keys. > > Matthew >
Received on Tuesday, 4 February 2014 15:42:48 UTC