- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Thu, 23 Aug 2012 08:20:44 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
I'm somewhat surprised seeing this discussion pop up again since there were 6 months of time before the WG was officially started to get this sorted out. Anyway, multi-domain keys in existing use-cases essentially always mean certificates and this use-case simply doesn't work without a revised issuing mechanism [1] which is a *major undertaking*, at least if the end-result is going to eventually replace the stuff that banks forces on their clients in many parts of the world. It is IMO not even possible building a *credible* issuance system on top of existing cryptographic APIs like PKCS #11. It is quite possible that I'm not smart enough because I do not really see how you can combine multi and single domain keys using a common API without get entangled in thorny security, privacy, and user interface issues. The dividing factor is that in a single-domain scheme the issuer and relying party logically is the "same" entity and therefore you can (IMO) do certain assumptions like that the service can use the keys as it wants because the only thing it can do is screwing up its own operations which seems like a moderately useful attack. Most of the operations wouldn't need any GUI either. Note: a bad service provider can always screw the end-user. Multi-domain keys are more complex and typically introduces GUI for each and every operation which makes the GUI (more or less) an intrinsic part of the API. I guess we have to wait for "Secondary Features" to see if my fears are ungrounded or not. Anders returning to "lurker" mode 1] Mozilla's/Google's <keygen>: - Weird user interface. Strong or medium strength keys have no meaning for 99.999% of the worlds population. - Limited issuer support. Did the poor user actually got his/her certificate? - No PIN support. Standard feature in banking applications - No key-origin support. "Hard"" or "soft" key storage? - No client-key agility support. Guessing that an algorithm is available doesn't look like a winner
Received on Thursday, 23 August 2012 06:21:21 UTC