W3C home > Mailing lists > Public > public-webcrypto@w3.org > June 2012

Re: Use case classification, and associated security models

From: Wan-Teh Chang <wtc@google.com>
Date: Wed, 13 Jun 2012 17:54:45 -0700
Message-ID: <CALTJjxFWwW1a_9ErWLtgS5k8m0oihcmB27CAR6R3Rz5LN9SaqQ@mail.gmail.com>
To: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Hi Vijay,

Thank you for answering my question.  I'm sorry my question wasn't
clear.  I didn't mean to make you write about the difference between
GenerateKey and ImportKey.  My question was really about what you
called "key provenance".

On Wed, Jun 13, 2012 at 7:23 AM, Vijay Bharadwaj
<Vijay.Bharadwaj@microsoft.com> wrote:
>
> From the perspective of key provenance, in #1 the key is generated within the app
> so the browser knows who generated the key and can tag it with appropriate metadata.
> In #2 the browser doesn't necessarily know where the key came from - it is embedded
> in some protocol that is run by the app - so the browser cannot validate provenance.
> However, I don't think this needs to be reflected in the API separately - the fact that
> an app does an ImportKey operation should indicate that the app is responsible for
> ensuring the provenance of the key.

The distinction you made here does not seem important. In a
Diffie-Hellman key exchange, the app derives the key locally, taking
the other party's public key as input.  It is very similar to scenario
#1.

It seems that the important property is whether a key is to be used
only by that app (or rather, web origin), or is to be shared by
multiple apps (web origins), and whether a key is temporary or
persistent.  Whether the key is produced by a key generation or key
exchange procedure seems less important.

Wan-Teh
Received on Thursday, 14 June 2012 00:55:14 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 14 June 2012 00:55:14 GMT