W3C home > Mailing lists > Public > public-webcrypto@w3.org > July 2016

Re: Call for Consensus: Require secure context for WebCrypto

From: Mike West <mkwst@google.com>
Date: Fri, 15 Jul 2016 21:06:32 +0200
Message-ID: <CAKXHy=fCCtbAxAunFE-eu8DdK9HicRWSg-2=6a-VhCo1Uueokg@mail.gmail.com>
To: Harry Halpin <hhalpin@w3.org>, Brad Hill <hillbrad@gmail.com>, Wendy Seltzer <wseltzer@w3.org>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
+Brad and Wendy, who have opinions.

On Thu, Jul 14, 2016 at 4:35 PM, Harry Halpin <hhalpin@w3.org> wrote:

> We're thinking of adding a sentence saying that secure origins should be
> required for the use of WebCrypto.
>
> In detail, we'd like to follow the definition of a secure context given
> here [1], although since that document is still an editor's draft so we
> will instead say that the "The top-level browsing context should be
> secure when using the WebCrypto API."
>

I recommend against creating a one-off mechanism; the secure contexts spec
is pretty far along, and I don't believe it will block your progress. I
asked for a TAG review a little while ago (
https://github.com/w3ctag/spec-reviews/issues/124), and got positive
feedback along with a number of small issues to fix. I made quite a bit of
progress on them today, and expect to be ready to issue a CfC to move to CR
~next week.


> Since all browsers support WebCrypto using TLS, this should not change
> the test-suite or conformance requirements. As long as browsers enable
> the usage of WebCrypto in TLS, we will not consider them non-conformant
> if they offer the usage of WebCrypto outside TLS. However, given it is
> not best practice, this note will at least inform developers to use TLS
> properly when using WebCrypto, as otherwise (as we've seen), some
> developers may believe enabling WebCrypto without TLS may give them
> security properties it indeed does not.
>

I would suggest that one way to prevent the mismatch between developer
expectation and actual guarantee is to enforce restrictions that uphold the
latter.

-mike
Received on Friday, 15 July 2016 19:07:21 UTC

This archive was generated by hypermail 2.3.1 : Friday, 15 July 2016 19:07:22 UTC