CHAPI Security Model (was: Re: Progress check on this thread) from Manu Sporny on 2022-04-02 (public-credentials@w3.org from April 2022)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sat, 2 Apr 2022 19:35:22 -0400
To: Tobias Looker <tobias.looker@mattr.global>, "public-credentials@w3.org" <public-credentials@w3.org>
Message-ID: <e6bdc59b-526c-8819-3c3d-8a2e08ef6f82@digitalbazaar.com>

On 3/29/22 8:43 PM, Tobias Looker wrote:
>> Sounds good, in the name of fairness, I can kick off a "Centralization
>> dangers
> of applying CHAPI to wallet selection" thread.
> 
> Great, to be clear though, there may be some challenges with regards to 
> centralization in CHAPI, however the concerns I was referring to are how
> it works in browser today and what the options and choices are given the 
> landscape we are in. I've made a separate item in the spreadsheet to
> discuss these

I've taken the CHAPI sheet you added, Tobias (which was very useful, thank
you) and expanded it into a CHAPI Security Model document.

This document contains the security model and threat analysis for the
Credential Handler API (CHAPI). It defines the objectives, technical scope,
components, security analysis, attack model, and risk and impact analysis for
the API:

https://docs.google.com/document/d/1DavP0nFut41BZ3jNDyIECUEamSuqhbR0vkMTK96bc4s/edit#

The vulnerabilities you were concerned about, and the mitigations, have been
documented in the section titled "Vulnerability and Weakness Analysis".

https://docs.google.com/document/d/1DavP0nFut41BZ3jNDyIECUEamSuqhbR0vkMTK96bc4s/edit#heading=h.vmnd8ja8qibj

The document is a starting point for a deeper conversation about the current
and future security model around CHAPI.

For those of you that are interested, there are also active conversations
around exchange authentication and authorizations related to CHAPI, VC-API,
and VPR (including protocol flow diagrams):

https://github.com/w3c-ccg/vc-api/issues/279

... and wallet feature detection wrt. VC-API and VPR:

https://github.com/w3c-ccg/vc-api/issues/280

All that said, this thread is also fair game wrt. questions and
attack/threat/security modelling related to wallet mediators (such as CHAPI).

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/

Received on Saturday, 2 April 2022 23:35:39 UTC