- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Sun, 05 Jun 2011 09:52:29 +0200
- To: David Dahl <ddahl@mozilla.com>
- CC: public-web-security@w3.org
I have a question which I brought up in the "Identity in the Browser" WS: If you do private/secret key operations that target keys that reside in the platform, doesn't that require a GUI like crypto.signText()? My experiences with Microsoft's "CertEnroll" indicates that exposing platform crypto modules to untrusted browser code is a surefire way of getting into trouble. I don't see that statically installed ActiveX controls and JavaScript are any different in this respect. Anders On 2011-06-02 15:46, David Dahl wrote: > Hello public-web-security members, > > (I wanted to post this proposed draft spec for the DOMCrypt API ( https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest ) to this list - if there is a more fitting mailing list, please let me know) > > I recently posted this draft spec for a crypto API for browsers to the whatwg (see: http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-May/031741.html) and wanted to get feedback from W3C as well. > > Privacy and user control on the web is of utter importance. Tracking, unauthorized user data aggregation and personal information breaches are becoming so commonplace you see a new headline almost daily. (It seems). > > We need crypto APIs in browsers to allow developers to create more secure communications tools and web applications that don’t have to implicitly trust the server, among other use cases. > > The DOMCrypt API is a good start, and more feedback and discussion will really help round out how all of this should work – as well as how it can work in any browser that will support such an API. > > This API will provide each web browser window with a ‘cipher’ property[1] that facilitates: > > asymmetric encryption key pair generation > public key encryption > public key decryption > symmetric encryption > signature generation > signature verification > hashing > easy public key discovery via meta tags or an ‘addressbookentry’ tag > > [1] There is a bit of discussion around adding this API to window.navigator or consolidation within window.crypto > > I have created a Firefox extension that implements most of the above, and am working on an experimental patch that integrates this API into Firefox. > > The project originated in an extension I wrote, the home page is here: http://domcrypt.org > > The source code for the extension is here: https://github.com/daviddahl/domcrypt > > The Mozilla bugs are here: > > https://bugzilla.mozilla.org/show_bug.cgi?id=649154 > https://bugzilla.mozilla.org/show_bug.cgi?id=657432 > > Firefox "feature wiki page": https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI > > You can test the API by installing the extension hosted at domcrypt.org, and going to http://domcrypt.org > > A recent blog post updating all of this is posted here: http://monocleglobe..wordpress.com/2011/06/01/domcrypt-update-2011-06-01/ > > The API: > > window.cipher = { > // Public Key API > pk: { > set algorithm(algorithm){ }, > get algorithm(){ }, > > // Generate a keypair and then execute the callback function > generateKeypair: function ( function callback( aPublicKey ) { } ) { }, > > // encrypt a plainText > encrypt: function ( plainText, function callback (cipherMessageObject) ) { } ) { }, > > // decrypt a cipherMessage > decrypt: function ( cipherMessageObject, function callback ( plainText ) { } ) { }, > > // sign a message > sign: function ( plainText, function callback ( signature ) { } ) { }, > > // verify a signature > verify: function ( signature, plainText, function callback ( boolean ) { } ) { }, > > // get the JSON cipherAddressbook > get addressbook() {}, > > // make changes to the addressbook > saveAddressbook: function (JSONObject, function callback ( addresssbook ) { }) { } > }, > > // Symmetric Crypto API > sym: { > get algorithm(), > set algorithm(algorithm), > > // create a new symmetric key > generateKey: function (function callback ( key ){ }) { }, > > // encrypt some data > encrypt: function (plainText, key, function callback( cipherText ){ }) { }, > > // decrypt some data > decrypt: function (cipherText, key, function callback( plainText ) { }) { }, > }, > > // hashing > hash: { > SHA256: function (function callback (hash){}) { } > } > } > > Your feedback and criticism will be invaluable. > > Best regards, > > David Dahl > > Firefox Engineer, Mozilla Corp. > > > >
Received on Sunday, 5 June 2011 07:53:26 UTC