- From: Ryan Sleevi <rsleevi+w3c@chromium.org>
- Date: Thu, 16 Feb 2012 11:29:45 -0800
- To: timeless <timeless@gmail.com>
- Cc: public-identity@w3.org
- Message-ID: <CACvaWvaidvasQnvoG_eXs+1PkK1p3tVRqUM7mejA9LWSPH08dA@mail.gmail.com>
On Thu, Feb 16, 2012 at 5:11 AM, timeless <timeless@gmail.com> wrote: > One thing that NetFlix brought up which I'm hitting in [1] is the > ability to enable public caching of "signed" content. > > Roughly, this is something like: > > getCachableBlobViaHttp(http_url, handleSuspectBlob) > > function handleSuspectBlob(suspectBlob) { > navigator.crypto.detaintWithSignatureCheckedAgainstCAList(suspectBlob, > limitedListOfCAs, detaintCallback); > } > > function detaintCallback(detaintedBlobOrNull, signingCert, suspectBlob) { > if (detaintedBlobOrNull) { > /* yay, the resource as detaintedBlobOrNull can be used to not void > the Blue/Green/Purple seal on our web page */ > myImage.src = convertBlobToURL(detaintedBlobOrNull); > } > } > > To make a purple state (instead of Blue/Green), I'm envisioning a call: > navigator.crypto.loadPageWithStrictResourceSignatures(limitedListOfCAs, > optionalURLdefaultingToCurrentURLifNull) which would cause the page to > navigate to optionalURLdefaultingToCurrentURLifNull and the only HTML, > CSS, or Images that could load would be from limitedListOfCAs. XHR to > other resources would be allowed but would be tainting (breaking the > purple seal) unless they were passed via > navigator.crypto.detaintWithSignatureCheckedAgainstCAList. > > This isn't something I'm a big fan of, but I think it enables the UC > that NetFlix has in mind as well as NFC cards... > > There's some overlap to WebApps or WebAppsSec and possibly HTML. > > Perhaps this sort of thing is already in scope for WebAppsSec - I > haven't looked there.... > > [1] > http://lists.w3.org/Archives/Public/public-device-apis/2012Feb/0051.html > > -- > Sent from my mobile device > > Not to be dismissive, but there seems to be a whole lot of hand waving here, particularly around areas where many a standards battle has been waged and won/lost (depending on which side you took). For example, "detainWithSignatureCheckedAgainstCAList" can mean many things. Should you apply PKIX rules? RFC 3280? 5280? Are you treating the CAs as simply public-key-and-subject delivery mechanisms, or do you treat them as public-key-and-subject-and-constraints? Is it using CMS? PKCS#12? JOSE? Custom? Are you checking against the entire contents of the blob (CMS-style signatures) or do you need to have media-type awareness so that meta-data can be delivered in-band (Authenticode-style signatures). Further, this idea of detainting something and blue/green/purple states seems to go into the current out of scope list item of "functions in the API that require smartcard or device-specific behaviour." At the last, a sealed execution environment, or even just resource loading, seems to touch much broader than just figuring how the crypto might deliver such sealed resources. I'm just trying to highlight that it's very easy for "detaintWithSignatureChecked...", as some sort of intrinsic function as part of the Web Cryptography API, can very easily spiral out of control, so it might be in our best interest to work on the 'simple' things like working out a basic API for signing/encrypting/hashing and the ability for cryptographic agility before we work up to that point. For the UX and page security of resource loading (either active or passive content) and how that affects the execution environment, that's likely a combined effort of the IETF's WebSec group (HTTP Strict Transport Security and Certificate Pinning both come to mind) and WebAppSec (Content Security Policy, etc), as you note. The fact that such a thing may be enabled by crypto is somewhat secondary, and not really in scope for what at least the draft charter is proposing.
Received on Thursday, 16 February 2012 21:10:24 UTC