W3C home > Mailing lists > Public > public-webcrypto@w3.org > June 2012

Re: Use case classification, and associated security models

From: Wan-Teh Chang <wtc@google.com>
Date: Wed, 13 Jun 2012 17:54:45 -0700
Message-ID: <CALTJjxFWwW1a_9ErWLtgS5k8m0oihcmB27CAR6R3Rz5LN9SaqQ@mail.gmail.com>
To: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Hi Vijay,

Thank you for answering my question.  I'm sorry my question wasn't
clear.  I didn't mean to make you write about the difference between
GenerateKey and ImportKey.  My question was really about what you
called "key provenance".

On Wed, Jun 13, 2012 at 7:23 AM, Vijay Bharadwaj
<Vijay.Bharadwaj@microsoft.com> wrote:
> From the perspective of key provenance, in #1 the key is generated within the app
> so the browser knows who generated the key and can tag it with appropriate metadata.
> In #2 the browser doesn't necessarily know where the key came from - it is embedded
> in some protocol that is run by the app - so the browser cannot validate provenance.
> However, I don't think this needs to be reflected in the API separately - the fact that
> an app does an ImportKey operation should indicate that the app is responsible for
> ensuring the provenance of the key.

The distinction you made here does not seem important. In a
Diffie-Hellman key exchange, the app derives the key locally, taking
the other party's public key as input.  It is very similar to scenario

It seems that the important property is whether a key is to be used
only by that app (or rather, web origin), or is to be shared by
multiple apps (web origins), and whether a key is temporary or
persistent.  Whether the key is produced by a key generation or key
exchange procedure seems less important.

Received on Thursday, 14 June 2012 00:55:14 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:10 UTC