W3C home > Mailing lists > Public > public-webcrypto@w3.org > September 2012

Re: Use Cases | ACTION-13 Revisited

From: Mark Watson <watsonm@netflix.com>
Date: Fri, 7 Sep 2012 19:59:32 +0000
To: Ryan Sleevi <sleevi@google.com>
CC: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>, GALINDO Virginie <Virginie.GALINDO@gemalto.com>, "public-webcrypto@w3.org Working Group" <public-webcrypto@w3.org>, Arun Ranganathan <arun@mozilla.com>, "estark@mit.edu" <estark@mit.edu>, Mitch Zollinger <mzollinger@netflix.com>
Message-ID: <CFDAD0F2-9DCD-4CA1-98DB-907B6C58D568@netflix.com>

On Sep 7, 2012, at 11:49 AM, Ryan Sleevi wrote:

> On Fri, Sep 7, 2012 at 10:19 AM, Vijay Bharadwaj
> <Vijay.Bharadwaj@microsoft.com> wrote:
>> I'm fine with Mark's suggested changes. Here is a further condensed version incorporating the spirit of those changes. Mark, do you like this text or would you rather go back to the previous text with smaller tweaks?
>> 
>> Out-of-Band Key Provisioning
>> 
>> Web applications may wish to use keys that have been provisioned through means outside the scope of this API. This may include keys that are provisioned through platform-specific native APIs, stored in secure elements such as smart cards or trusted platform modules (TPMs), or individually bound to devices at time of manufacturing. Such keys may, for example, be used to prove the identity of the client to a specific web service. User agents may choose to expose such keys to web applications after implementing appropriate security and privacy mitigations, such as gaining user consent or other out-of-band authorization.
>> 
>> In this scenario, a web application discovers a pre-provisioned key based on its attributes and uses it to perform authorized cryptographic operations as part of a protocol with a server. The server may utilize knowledge (obtained out-of-band) regarding the key's provisioning to make access control and policy decisions, such as inferring the identity of the user and/or device and customizing its responses based on that.
>> 
> 
> Thanks for this text, Vijay. I Agree, it definitely reads nicer.
> 
> One concern though would be the statement "Such keys may, for example,
> be used to prove the identity of the client to a specific web
> service." I'm not sure this is a fair or accurate statement, and
> reflects the general problem of crypto - keys don't prove identities,
> just that the keys are accessible. The identity is inferred from that
> access - with the hope/assumption that only the authorized identity
> has access.
> 
> I'm not sure if the sentence is essential to the use case, and would
> suggest just removing it, but in the event there is disagreement, one
> possible way to restate this would be
> 
> "Such keys may, for example, be used to assist in identifying a client
> to a specific web service."

This alternative is ok for me (and better than removing the sentence altogether).

ůMark

> 
> This also makes it consistent with the second paragraph, which
> acknowledges that the protocol merely assists in inferring the
> identity, rather than proving it.
> 
Received on Friday, 7 September 2012 20:00:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 7 September 2012 20:00:02 GMT