- From: <bugzilla@jessica.w3.org>
- Date: Wed, 24 Sep 2014 12:00:23 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25721 --- Comment #32 from Harry Halpin <hhalpin@w3.org> --- (In reply to Richard Barnes from comment #31) > Thanks for this analysis, Mark. Treating this as possible future work seems > sensible to me. At lest the "non-extractable-only mode" feature is > something for which I can understand how it works and roughly what the value > proposition is, even if I don't necessarily think it's worth doing. Again, I agree with Mark's analysis. The Web does not currently work this way, but that means a whole class of high-value applications with externally verified trust and end-to-end encryption without a totally trusted server are excluded from the Web. Yet simply making keys non-extractable all the time does not actually fix the situation. Thus, I will formally raise the point of trusted Javascript with ensuring that private key material isn't extracted as a example to the Web Application Security Working Group. I believe the Web should support such functionality and that this is within the scope of a re-chartered Web Application Security Working Group. I will email Web Application Security describing the problem. If we can get the charters to re-align, then it may even be within scope of joint work between the Web Application Security Working Group and a re-chartered Web Cryptography Working Group. However, right now I don't see how we can address this issue in a way that meaningfully resolves Tom and Elijah's worry, because in effect if one doesn't trust the server 100%, the Web is broken for your application. I believe this will address the reviewers concerns. -- You are receiving this mail because: You are on the CC list for the bug.
Received on Wednesday, 24 September 2014 12:00:29 UTC