W3C home > Mailing lists > Public > whatwg@whatwg.org > August 2010

[whatwg] Proposal for secure key-value data stores

From: Dirk Pranke <dpranke@chromium.org>
Date: Mon, 16 Aug 2010 16:31:26 -0700
Message-ID: <AANLkTikXOqXpqbq2yPqd8qqejkudDHc57q69HQf87bff@mail.gmail.com>
On Mon, Aug 16, 2010 at 3:58 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Nicholas is almost certainly discussing the case where the service
>> provider requires any data stored on a customer's computer to be
>> encrypted, not the provider's own computers. (e.g., this could be a
>> Yahoo! policy that data stored on Yahoo! users' computers must be
>> encrypted).
>>
>> Hence they cannot enforce anything like "use FileVault".
>
> If you can't enforce whole disk encryption, but you are concerned that an
> attacker could have access to your machine, it seems that there is no
> solution, since an attacker could just install a rootkit and then carry
> out arbitrary attacks remotely, including simply replacing the browser
> with one that intercepts all the user's data as it is written.
>

While it is true that it would not defend against all attacks, it will
still defend against some classes of attacks (e.g. casual snooping),
and may still be valuable.

-- Dirk

>
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Perhaps we should instead focus on a set of JS Crypto APIs, since that
>> is largely orthogonal to the storage APIs?
>
> That would make more sense, I think. It would be useful in other scenarios
> too (such as replacing <keygen>). I would encourage people interested in
> such an approach to get vendors together and write a spec.
>
> --
> Ian Hickson ? ? ? ? ? ? ? U+1047E ? ? ? ? ? ? ? ?)\._.,--....,'``. ? ?fL
> http://ln.hixie.ch/ ? ? ? U+263A ? ? ? ? ? ? ? ?/, ? _.. \ ? _\ ?;`._ ,.
> Things that are impossible just take longer. ? `._.-(,_..'--(,_..'`-.;.'
>
Received on Monday, 16 August 2010 16:31:26 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:00 UTC