Re: W3C's Enrollment Specification from Anders Rundgren on 2011-08-06 (public-identity@w3.org from August 2011)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Sat, 06 Aug 2011 12:06:29 +0200
To: Henry Story <henry.story@bblfish.net>
CC: "public-identity@w3.org" <public-identity@w3.org>
Message-ID: <4E3D1225.2030805@telia.com>

On 2011-08-06 11:38, Henry Story wrote:
> On 6 Aug 2011, at 10:04, Anders Rundgren wrote:
>> http://lists.w3.org/Archives/Public/public-html/2011Aug/0033.html
>>
>> W3C is like PKIX working with the idea of upgrading existing schemes
>> rather than starting with a requirement specification and see where
>> that leads you.
>>
>> I don't think W3C's revised <keygen> will go anywhere because a 2-phase
>> protocol doesn't really cut it.  Apple's already deployed scheme for iPhone
>> is considerably more powerful and user-friendly.
> 
> The MD5 situation can be mitigated by the server using a time based challenge.
> This can reduce the attack surface to a few minutes. I doubt md5 is that bad.
> But better security would be better of course.

Yes, I think this particular "problem" is irrelevant and doesn't need solving.

> I wrote this up the different ways of creating certificates here
> 
> http://www.w3.org/wiki/Foaf%2Bssl/Clients#Support_for_easy_creation_of_certificates
> 
> What I am still not clear about is what could go wrong. I thought I had understood 
> that for a while, but I realised I am not clear about that. After all a public 
> certificate is no use if you do not have the private key corresponding to the public key
> published in the certificate. So even if someone took the public key generated by the browser
> there is not much they could do with it.
> 
> Can you fill be in again here? I feel like there is something I am missing here, and I would
> like to fill in the whole in the wiki above.

That's absolutely correct, you get nowhere with a certificate without
the matching private key.  In fact, the PoP (Proof-of-Possession) schemes
featured in enrollment schemes are redundant. Attestations of the kind
there are in ETSI/3GPP and TCG protocols OTOH, actually fills a purpose
since they identify the key-container.


> By the way I don't see how what Apple is doing could have a better user interface.
> The user interface for keygen is: click a button. Unless they move to mind reading...

Well, user-interface is just one aspect but if we concentrate on that one, Apple's
solution eliminates the confusing strong/weak button.

Anders

> 
> Henry
> 
> 
>>
>> Anders
>>
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
>

Received on Saturday, 6 August 2011 10:07:16 UTC