Re: Reminder - trust & permissions meeting 3-4 September, Paris from Anders Rundgren on 2014-08-19 (public-sysapps@w3.org from August 2014)

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Tue, 19 Aug 2014 17:25:18 +0200
To: Dave Raggett <dsr@w3.org>
CC: "Kostiainen, Anssi" <anssi.kostiainen@intel.com>, "public-sysapps@w3.org" <public-sysapps@w3.org>, Jonas Sicking <jonas@sicking.cc>
Message-ID: <53F36C5E.5080403@gmail.com>

On 2014-08-19 14:51, Kostiainen, Anssi wrote:
> On 06 Aug 2014, at 17:20, Kostiainen, Anssi <anssi.kostiainen@intel.com> wrote:
>
>> Hi Dave,
>>
>> On 16 Jul 2014, at 12:18, Dave Raggett <dsr@w3.org> wrote:
>>
>>> p.s. I've added a link to the draft white paper I am writing surveying native, hybrid and web based platforms and invite your comments and corrections, see:
>>>
>>>   http://www.w3.org/2014/05/wp-trust-permissions/Overview.html
> [...]
>
>> * Future Directions
>>
>> I think the "Permissions UI & Necessary API” [3] thread had some input and ideas to add to the observations (or, perhaps you already combed through the thread?).
>>
>> Another recent thread that may have input to this paper is "Proposal: Prefer secure origins for powerful new web platform features” [4].
> [...]
>
> A post dubbed "Future of packaged apps” by Jonas (cc’d) that discusses permissions (a topic not packaging specific) might be relevant input to the paper too:
>
> https://groups.google.com/d/msg/mozilla.dev.webapi/68I80XiipBI/pXzzhGPyAqMJ

I believe the WebCrypto++ specification qualifies here as well:
http://webpki.org/papers/PKI/pki-webcrypto.pdf#page=2

WebCrypto++ introduces a security and trust model which is similar to what the payment industry use IRL.  I.e. payment terminals must be "certified".  This concept is translated in WebCrypto++ as follows: A key stored in an embedded security token recognizes (aided by the OS through an ACL supplied with a key during issuance) a transiently loaded signed web-module as "trusted" and thus enabling the module code to be used with the key. This scheme supports fully decentralized operation without the NASCAR syndrome. User intervention for trust decisions appear unnecessary since the only additional privilege required is the access to a specific key(s) for a by the key-issuer defined purpose.

Other models for supporting secure web-payments seem to either rely on cooperation between platform vendors and payment providers or bypassing the browser altogether which IMO most likely will stifle innovation and thwart wide-scale adoption.

Anders

>
> Thanks,
>
> -Anssi
>
>> [3] http://lists.w3.org/Archives/Public/public-sysapps/2014May/0004.html
>> [4] http://lists.w3.org/Archives/Public/public-webappsec/2014Jun/0222.html
>

Received on Tuesday, 19 August 2014 15:26:15 UTC