Re: Non Repudiation via WebCrypto API

From: Ryan Sleevi <sleevi@google.com>
Date: Mon, 17 Sep 2012 18:59:45 -0700
Message-ID: <CACvaWvYouxDT0H6BjYVaiko167oW9uRzpBB2G91CU0u5eKURBw@mail.gmail.com>
To: Mountie Lee <mountie.lee@mw2.or.kr>
Cc: Web Cryptography Working Group <public-webcrypto@w3.org>

On Mon, Sep 17, 2012 at 6:31 PM, Mountie Lee <mountie.lee@mw2.or.kr> wrote:

> Hi.
> I want to reach consensus and verify that the current WebCryptoAPI is
> enough for implementing non-repudiation services (
> http://en.wikipedia.org/wiki/Non-repudiation).
> I also want to know what parts are undefined or missing.
>
> because
> some countries have regulations under which a digital signature can be
> non-repudiable.
>
>
>  =======================================
> PayGate Inc.
> THE STANDARD FOR ONLINE PAYMENT
> for Korea, Japan, China, and the World
>
>

Depends on your definition of non-repudiation.

While this offers an API to perform digital signatures (aka the
non-forgeable part of non-repudiation), it is inherent in the operating
environment that some elements of non-repudiation simply cannot be offered.

For example, if a site is XSSed, a signature can be fraudulently generated
by a malicious third party, and thus needs to be repudiable.
Likewise, if signatures can be generated with no/minimal user interaction,
then a malicious site can fraudulently generate a signature that is
Signature(X), while presenting to the user that they generated Signature(Y).

Broadly speaking, and nice that Wikipedia links to it, non-repudiation is
not really possible without a trusted computing environment (
http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/778/687).
Since JavaScript in a web page is not in and of itself a trusted
computing environment, I don't think you can attain non-repudiation.

Since our WG can't solve the trusted computing problem, I don't think we
can solve the non-repudiation problem, just like it cannot be solved with
native code or plugins, despite claims to the contrary.
Received on Tuesday, 18 September 2012 02:00:16 GMT
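
The following is an added example, not part of the original message or of the WebCrypto specification. It shows what a relying party can conclude from a valid signature in the Signature(X) versus Signature(Y) case described above: the signature verifies over the bytes passed to `sign()`, carries no record of what the page displayed, and a non-extractable key does not change that. The message strings and function names are constructed for illustration.

```javascript
// Works in a browser, or in Node where WebCrypto is exposed.
const subtle = (globalThis.crypto && globalThis.crypto.subtle) ||
  require("node:crypto").webcrypto.subtle;

const enc = new TextEncoder();
const ECDSA = { name: "ECDSA", hash: "SHA-256" };

// Sign the exact bytes of `text`. Nothing else is bound into the signature.
async function signText(privateKey, text) {
  return subtle.sign(ECDSA, privateKey, enc.encode(text));
}

// The relying party's only check: do these bytes match this signature?
async function verifyText(publicKey, signature, text) {
  return subtle.verify(ECDSA, publicKey, signature, enc.encode(text));
}

async function demo() {
  // The private key is non-extractable: script cannot export it,
  // but any script running in the origin can still ask it to sign.
  const { privateKey, publicKey } = await subtle.generateKey(
    { name: "ECDSA", namedCurve: "P-256" }, false, ["sign", "verify"]);

  // Constructed sample values.
  const displayed = "Transfer 10 USD to account A"; // Y: what the page renders
  const submitted = "Transfer 900 USD to account B"; // X: what sign() receives

  const signature = await signText(privateKey, submitted);

  return {
    keyExtractable: privateKey.extractable,
    // Valid: the key signed X.
    submittedVerifies: await verifyText(publicKey, signature, submitted),
    // Invalid: the signature says nothing about Y, the text the user saw.
    displayedVerifies: await verifyText(publicKey, signature, displayed),
  };
}

demo().then((result) => console.log(result));
```

The verifier sees only X and a signature that checks out, so user intent has to be established by something outside the page's script, which is the trusted-environment gap the message points to.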
