Re: Encrypted Private Key

On Tue, Aug 16, 2016 at 2:20 PM, Anders Rundgren
<anders.rundgren.net@gmail.com> wrote:
> On 2016-08-16 20:00, Charles Engelke wrote:
>>
>> This solution does not allow the actual unencrypted key to ever
>> leave the end user's control unless the software cheats. And that's
>> always a risk, not only with WebCrypto.
>
> With WebCrypto we are presumably talking about software transiently
> downloaded from a provider's site for running in a browser.
>
> Ordinary users have no insight into such software and it hasn't been
> vouched for by a third party either.
>
> This is not a specific WebCrypto problem, it is rather a generic
> Web issue, i.e. the lack of a "trusted code" concept.

Worse, Public Key Pinning with Overrides (RFC 7469) takes the
validation performed by a CA/RA and throws it away.

I'm sidestepping the issue of "Authentication is not Authorization."
However, the role of the CA and RA is an important building block in
the web security model.

Jeff

Received on Monday, 29 August 2016 01:45:29 UTC