Re: Call for Consensus: Require secure context for WebCrypto

+1 Mike West.

On Fri, Jul 15, 2016 at 3:06 PM, Mike West <mkwst@google.com> wrote:

> +Brad and Wendy, who have opinions.
>
> On Thu, Jul 14, 2016 at 4:35 PM, Harry Halpin <hhalpin@w3.org> wrote:
>
>> We're thinking of adding a sentence saying that secure origins should be
>> required for the use of WebCrypto.
>>
>> In detail, we'd like to follow the definition of a secure context given
>> here [1], although since that document is still an editor's draft we
>> will instead say that "The top-level browsing context should be secure
>> when using the WebCrypto API."
>>
>
> I recommend against creating a one-off mechanism; the secure contexts spec
> is pretty far along, and I don't believe it will block your progress. I
> asked for a TAG review a little while ago (
> https://github.com/w3ctag/spec-reviews/issues/124), and got positive
> feedback along with a number of small issues to fix. I made quite a bit of
> progress on them today, and expect to be ready to issue a CfC to move to CR
> ~next week.
>
>
>> Since all browsers support WebCrypto using TLS, this should not change
>> the test-suite or conformance requirements. As long as browsers enable
>> the usage of WebCrypto in TLS, we will not consider them non-conformant
>> if they offer the usage of WebCrypto outside TLS. However, given it is
>> not best practice, this note will at least inform developers to use TLS
>> properly when using WebCrypto, as otherwise (as we've seen), some
>> developers may believe enabling WebCrypto without TLS may give them
>> security properties it indeed does not.
>>
>
> I would suggest that one way to prevent the mismatch between developer
> expectation and actual guarantee is to enforce restrictions that uphold the
> latter.
>
> -mike
>
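The gap the thread describes, between what a developer expects from WebCrypto on a plain-http page and what it actually guarantees, is what a secure-context gate closes on the client side. The following is an added example, not code from the thread or from either spec: it consults `isSecureContext` where the browser provides it and otherwise approximates the "potentially trustworthy origin" rule from `location`, and only then hands out `crypto.subtle`. The `env` parameter (an object shaped like the browser global) is an assumption made so the logic can be tested outside a browser.

```javascript
// Added example: refuse to hand out WebCrypto unless the page is a secure context.
// Not from the original thread; `env` stands in for the browser global (window).

const TRUSTWORTHY_SCHEMES = new Set(["https:", "wss:"]);
const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Returns { ok, reason }. Prefers the browser's own answer (isSecureContext),
// which also accounts for ancestor frames; the location-based fallback cannot
// see ancestors, so it is only an approximation for engines that lack the flag.
function checkSecureContext(env) {
  if (typeof env.isSecureContext === "boolean") {
    return env.isSecureContext
      ? { ok: true, reason: "isSecureContext" }
      : { ok: false, reason: "isSecureContext is false" };
  }
  const loc = env.location || {};
  if (TRUSTWORTHY_SCHEMES.has(loc.protocol)) {
    return { ok: true, reason: "TLS scheme " + loc.protocol };
  }
  // Loopback over plain http is treated as potentially trustworthy.
  if (loc.protocol === "http:" && LOOPBACK_HOSTS.has(loc.hostname)) {
    return { ok: true, reason: "loopback host" };
  }
  const origin = (loc.protocol || "?") + "//" + (loc.hostname || "?");
  return { ok: false, reason: "origin " + origin + " is not potentially trustworthy" };
}

// Gate: returns crypto.subtle only in a secure context, otherwise throws so the
// caller cannot silently continue with keys exposed to a network attacker.
function getSubtle(env) {
  const verdict = checkSecureContext(env);
  if (!verdict.ok) {
    throw new Error("WebCrypto refused: " + verdict.reason);
  }
  if (!env.crypto || !env.crypto.subtle) {
    throw new Error("WebCrypto refused: crypto.subtle is not available");
  }
  return env.crypto.subtle;
}

// In a browser the call site would be: const subtle = getSubtle(window);
```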

Received on Friday, 15 July 2016 19:23:48 UTC