- From: Siva Narendra <siva@tyfone.com>
- Date: Fri, 30 Jan 2015 00:05:41 -0800
- To: anders.rundgren.net@gmail.com
- Cc: Lu HongQian Karen <karen.lu@gemalto.com>, GALINDO Virginie <Virginie.Galindo@gemalto.com>, Wendy Seltzer <wseltzer@w3.org>, Brad Hill <hillbrad@fb.com>, Harry Halpin <hhalpin@w3.org>, public-web-security@w3.org
- Message-ID: <CAJhTYQyuqGJRuCrXgVS+D=w2c+3Vta33w6=KsAnhZrYS7zzquw@mail.gmail.com>

Apologies for crowding your inbox. I realized that the document I shared that was originally created for a few recipients did not do justice when distributed to this larger group in acknowledging the key contributor. I want to acknowledge Richard Barnes (Mozilla) for putting the architecture in place as a starting point and Virginie Galindo's initial review and support. There is more to do and hopefully we can all work together.

Best,
Siva

On Jan 29, 2015 11:29 PM, "Siva Narendra" <siva@tyfone.com> wrote:

> (+1 for Karen's proposal, albeit the nuances have to be determined in a
> future WG.)
>
> Pls see attached a presentation for W3C's consideration, along similar
> lines as Karen, but perhaps more generic. It is not completely vetted, that
> of course should be after the formation of a future WG.
>
> Based on [1] needless to say there was unanimous interest for hardware
> security based on the workshop in Sep 2014. The unanimous interest becomes
> moderate interest based on the voting if one considers just
> individual-managed IDs (aka FIDO). Hopefully W3C will consider that the web
> standards should be built to support both new standards that enable
> individual-managed and existing standards that enable centrally-issued.
>
> Unless I'm mistaken, clearly there are two camps. One set of parties,
> PayPal..., that strongly feel centrally-issued identity standards (such as
> banking, payments, healthcare, citizen cards...) have absolutely NO place
> for the Web and the other set of parties, Gemalto, Tyfone, Mozilla...,
> that feels Web standards should include both centrally-issued as well as
> user-managed identity standards through a generic framework (see attached).
>
> Irrespective of where we politically/technically stand limited by each of
> our perceptions, for hardware security, it is absolutely essential for W3C
> to support both existing centrally-issued ID standards and the new
> user-managed ID standards such as FIDO.
>
> With all due respect, FIDO is not a "be all end all". Anything less
> than a generic framework will undermine the usefulness and the openness of
> the web when adding hardware (that needs to be manufactured & distributed) to
> secure ID, data, and transactions.
>
> We cannot bridge the divide between new FIDO individual-managed standards
> and well-established centrally-issued standards, unless and until we know
> who will pay for hardware and who will pay for distribution. So let's
> support all through ONE generic framework (see attached). Let the users
> pick the winners if some happen to be better than the others. Let us not
> assume users are uneducated about the tradeoffs.
>
> [1] http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/
>
> Best regards,
> Siva
>
> On 2015-01-29 23:50, Brad Hill wrote:
>
> I would like to see details of how this kind of API would or could
> interact with the Same-Origin model of web security, specifically:
>
> 1. Privacy and tracking. How does the presence of specific crypto
> elements and discoverable keys which are not Origin-scoped not create
> privacy violations?
>
> 2. Origin security. How are risks around identification of or
> impersonation of the server-side of a transaction, and potential abuse of a
> globally-scoped key mitigated by this kind of API design?
>
> Without a clear discussion of how this API fits into the existing Web
> security and threat model, I think it is inappropriate to proceed. We
> can't just throw away the fundamental security model that billions of users
> and deployed applications depend on, and I see no evidence (at least in
> these few slides) that such issues have been considered by this proposal.
>
>
> +1
>
> I sent a bunch of similar questions privately.
>
> Assuming that the scheme indeed *is* SOP compliant a number of other
> questions arise such as:
> - What does this offer that U2F doesn't already have?
> - What are the thought applications for SOP-constrained certificates?
>
> Then I would of course be very interested hearing how this specification
> matches the following
> bold statement by the W3C
>
> http://www.w3.org/2015/01/banker_payments.pdf
>
> given the fact that
>
> Secure AND Convenient Web Payments
>
> haven't really progressed the last 20 years or so.
> If you consider usage and importance also, it has actually moved in the
> *opposite* direction.
>
> Cheers
> Anders Rundgren
>
>
> Brad Hill
>
> From: Lu HongQian Karen <karen.lu@gemalto.com>
> Date: Wednesday, January 28, 2015 at 10:01 AM
> To: GALINDO Virginie <Virginie.Galindo@gemalto.com>,
> "public-webcrypto@w3.org" <public-webcrypto@w3.org>
> Cc: "public-web-security@w3.org" <public-web-security@w3.org>,
> Wendy Seltzer <wseltzer@w3.org>, Harry Halpin <hhalpin@w3.org>
> Subject: RE: [W3C Web Crypto WG] Rechartering discussion - Gemalto
> contribution
> Resent-From: <public-web-security@w3.org>
> Resent-Date: Wednesday, January 28, 2015 at 10:04 AM
>
> Please review Gemalto’s contribution. We welcome your comments.
>
> Regards,
>
> Karen
>
> *From:* GALINDO Virginie [mailto:Virginie.Galindo@gemalto.com]
> *Sent:* Wednesday, January 07, 2015 3:48 AM
> *To:* public-webcrypto@w3.org
> *Cc:* public-web-security@w3.org; Wendy Seltzer; Harry Halpin
> *Subject:* [W3C Web Crypto WG] Rechartering discussion
>
> Dear all,
>
> Web Crypto WG charter [1] will end by the end of March. We need to
> prepare the next charter of Web Crypto.
>
> As a reminder, the conversation has started on this page:
> https://www.w3.org/Security/wiki/IG/webcryptonext_draft_charter
>
> Feel free to add your ideas and suggestions on the wiki and/or expose
> your opinion and question on the public-webcrypto@w3.org or
> public-webcrypto-comment@w3.org (for non W3C Web Crypto WG members).
>
> Regards,
>
> Virginie
>
> [1] http://www.w3.org/2011/11/webcryptography-charter.html
>
> --------------------------------
>
> /This message and any attachments are intended solely for the
> addressees and may contain confidential information. Any unauthorized use
> or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable
> for the message if altered, changed or falsified. If you are not the
> intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this
> transmission free from viruses, the sender will not be liable for damages
> caused by a transmitted virus./

Received on Friday, 30 January 2015 08:06:09 UTC