Signatures. Was: Feedback, comments and so about WG Web Cryptography API

On 2012-07-24 09:11, helpcrypto helpcrypto wrote:
<snip>
>> Requiring that conforming user agents specifically implement PDF signatures,
>> expose OCSP or timestamping APIs, or implement XAdES-XL directly to content
>> script is a very unlikely proposition for this WG, as chartered.
> 
> The reason why we use Java is to be able to provide a better and
> common user experience, at the same time as _friendly_.
> If the signing method you are providing will be so low-level to show
> something like "you are going to sign <data>...end-users love
> xml...</data> Enter the PIN", then I'll continue using -killing myself-
> Java.
> 
> The reason why I asked for complex methods like pdf/xades was to let
> the user truly "preview" what's going to be signed, in a human readable
> way.
> People have to know what they are signing, and an XML is definitely
> not the correct way.
> I don't know if I explained the problem clearly. Please, discuss if you
> find this useful.

There are other efforts addressing signatures:

https://lists.oasis-open.org/archives/dss-x

Personally I think a signature scheme should primarily address embedded
security hardware since it will be everywhere while smart cards (due to their
dependence on more or less unique middleware) only apply to a fraction of the
market.  Having actually worked in the smart card industry, I think the hassle
(and secrecy) is really a part of the business model :-)

In theory soft tokens could be a part of the plot but it seems that (for example)
NSS would have to be rewritten way beyond what anybody is prepared to do.
It is probably easier to start from scratch!

WYSIWYS-signatures for domain-bound keys don't sound particularly interesting,
but that is maybe because the use-cases haven't been properly described...

Making "technical signatures" like PKCS #1 is another thing; they are always useful
for checking data integrity and authenticity.

</snip>
Anders

Received on Tuesday, 24 July 2012 19:39:11 UTC