Re: [W3C Web Crypto WG] Rechartering discussion - Gemalto contribution

Apologies for missing the attachment. (Thank you Anders for checking)
On Jan 29, 2015 11:29 PM, "Siva Narendra" <siva@tyfone.com> wrote:

> (+1 for Karen's proposal, albeit the nuances have to be determined in a
> future WG.)
>
> Pls see attached a presentation for W3C's consideration, along similar
> lines as Karen, but perhaps more generic. It is not completely vetted, that
> of course should be after the formation of a future WG.
>
> Based on [1] needless to say there was unanimous interest for hardware
> security based on the workshop in Sep 2014. The unanimous interest becomes
> moderate interest based on the voting if one considers just
> individual-managed IDs (aka FIDO). Hopefully W3C will consider that the web
> standards should be built to support both new standards that enable
> individual-managed and existing standards that enable centrally-issued.
>
> Unless I'm mistaken, clearly there are two camps. One set of parties,
> PayPal..., that strongly feel centrally-issued identity standards (such as
> banking, payments, healthcare, citizen cards...) have absolutely NO place
> for the Web and the other set of parties, Gemalto, Tyfone, Mozilla...,
> that feel Web standards should include both centrally-issued as well as
> user-managed identity standards through a generic framework (see attached).
>
> Irrespective of where we politically/technically stand limited by each of
> our perceptions, for hardware security, it is absolutely essential for W3C
> to support both existing centrally-issued ID standards and the new
> user-managed ID standards such as FIDO.
>
> With all due respect, FIDO is not a "be all end all". Anything less
> than a generic framework will undermine the usefulness and the openness of
> the web when adding hardware (that needs to be manufactured & distributed) to
> secure ID, data, and transactions.
>
> We cannot bridge the divide between new FIDO individual-managed standards
> and well-established centrally-issued standards, unless and until we know
> who will pay for hardware and who will pay for distribution. So let's
> support all through ONE generic framework (see attached). Let the users
> pick the winners if some happen to be better than the others. Let us not
> assume users are uneducated about the tradeoffs.
>
> [1] http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/
>
> Best regards,
> Siva
>
> On 2015-01-29 23:50, Brad Hill wrote:
>
> I would like to see details of how this kind of API would or could
> interact with the Same-Origin model of web security, specifically:
>
> 1. Privacy and tracking. How does the presence of specific crypto
> elements and discoverable keys which are not Origin-scoped not create
> privacy violations?
>
> 2. Origin security. How are risks around identification of or
> impersonation of the server-side of a transaction, and potential abuse of a
> globally-scoped key mitigated by this kind of API design?
>
> Without a clear discussion of how this API fits into the existing Web
> security and threat model, I think it is inappropriate to proceed.  We
> can't just throw away the fundamental security model that billions of users
> and deployed applications depend on, and I see no evidence (at least in
> these few slides) that such issues have been considered by this proposal.
>
>
> +1
>
> I sent a bunch of similar questions privately.
>
> Assuming that the scheme indeed *is* SOP compliant a number of other
> questions arise such as:
> - What does this offer that U2F doesn't already have?
> - What are the thought applications for SOP-constrained certificates?
>
> Then I would of course be very interested hearing how this specification
> matches the following
> bold statement by the W3C
>
>              http://www.w3.org/2015/01/banker_payments.pdf
>
> given the fact that
>
>              Secure AND Convenient Web Payments
>
> haven't really progressed the last 20 years or so.
> If you consider usage and importance also, it has actually moved in the
> *opposite* direction.
>
> Cheers
> Anders Rundgren
>
>
> Brad Hill
>
> From: Lu HongQian Karen <karen.lu@gemalto.com>
> Date: Wednesday, January 28, 2015 at 10:01 AM
> To: GALINDO Virginie <Virginie.Galindo@gemalto.com>,
> "public-webcrypto@w3.org" <public-webcrypto@w3.org>
> Cc: "public-web-security@w3.org" <public-web-security@w3.org>,
> Wendy Seltzer <wseltzer@w3.org>, Harry Halpin <hhalpin@w3.org>
> Subject: RE: [W3C Web Crypto WG] Rechartering discussion - Gemalto
> contribution
> Resent-From: <public-web-security@w3.org>
> Resent-Date: Wednesday, January 28, 2015 at 10:04 AM
>
>     Please review Gemalto’s contribution. We welcome your comments.
>
>     Regards,
>
>     Karen
>
>     From: GALINDO Virginie [mailto:Virginie.Galindo@gemalto.com]
>     Sent: Wednesday, January 07, 2015 3:48 AM
>     To: public-webcrypto@w3.org
>     Cc: public-web-security@w3.org; Wendy Seltzer; Harry Halpin
>     Subject: [W3C Web Crypto WG] Rechartering discussion
>
>     Dear all,
>
>     Web Crypto WG charter [1] will end by the end of March. We need to
> prepare the next charter of Web Crypto.
>
>     As a reminder, the conversation has started on this page :
> https://www.w3.org/Security/wiki/IG/webcryptonext_draft_charter
>
>     Feel free to add your ideas and suggestions on the wiki and/or expose
> your opinion and question on the public-webcrypto@w3.org or
> public-webcrypto-comment@w3.org (for non W3C Web Crypto WG members).
>
>     Regards,
>
>     Virginie
>
>     [1] http://www.w3.org/2011/11/webcryptography-charter.html
>
>
>     /This message and any attachments are intended solely for the
> addressees and may contain confidential information. Any unauthorized use
> or disclosure, either whole or partial, is prohibited.
>     E-mails are susceptible to alteration. Our company shall not be liable
> for the message if altered, changed or falsified. If you are not the
> intended recipient of this message, please delete it and notify the sender.
>     Although all reasonable efforts have been made to keep this
> transmission free from viruses, the sender will not be liable for damages
> caused by a transmitted virus./
>
>
>

Received on Friday, 30 January 2015 07:56:45 UTC