- From: Ryan Sleevi <sleevi@google.com>
- Date: Mon, 17 Sep 2012 18:59:45 -0700
- To: Mountie Lee <mountie.lee@mw2.or.kr>
- Cc: Web Cryptography Working Group <public-webcrypto@w3.org>
- Message-ID: <CACvaWvYouxDT0H6BjYVaiko167oW9uRzpBB2G91CU0u5eKURBw@mail.gmail.com>
On Mon, Sep 17, 2012 at 6:31 PM, Mountie Lee <mountie.lee@mw2.or.kr> wrote: > Hi. > I want to make consensus and verify that the current WebCryptoAPI is > enough for implementing non-repudiation services ( > http://en.wikipedia.org/wiki/Non-repudiation) > also want to know whats are undefined or missing parts. > > because > some countries has the regulations that give digital signature can be > non-repudiable . > > > ======================================= > PayGate Inc. > THE STANDARD FOR ONLINE PAYMENT > for Korea, Japan, China, and the World > > > Depends on your definition of non-repudiation. While this offers an API to perform digital signatures (aka the non-forgeable part of non-repudiation), it is inherent in the operating environment that some elements of non-repudiation simply cannot be offered. For example, if a site is XSSed, a signature can be fraudulently generated by a malicious third-party, and thus needs to be repudiable. Likewise, if signatures can be generated with no/minimal user interaction, then a malicious site can fraudulently generate a signature that is Signature(X), while presenting to the user that they generated Signature(Y). Broadly speaking, and nice that Wikipedia links to it, non-repudiation is not really possible without a trusted computing environment ( http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/778/687). Since JavaScript in a web page is not in and of itself a trusted computing environment, I don't think you can attain non-repudiation. Since our WG can't solve the trusted computing problem, I don't think we can solve the non-repudiation problem, just like it cannot be solved with native code or plugins, despite claims to the contrary.
Received on Tuesday, 18 September 2012 02:00:16 UTC