Re: A somewhat lame Web Crypto PIN provisioning solution from Anders Rundgren on 2013-04-02 (public-webcrypto-comments@w3.org from April 2013)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Tue, 02 Apr 2013 16:36:49 +0200
To: Mountie Lee <mountie@paygate.net>
CC: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Message-ID: <515AED01.3000308@telia.com>

On 2013-04-02 16:13, Mountie Lee wrote:
> we have to be careful creating any new UI and related specifications.
> 
> it has serious and many issues
> - languages
> - encodings
> - web accessibility for disabilities
> - security policies (control of password or account lockout policy)
> - availabilities for CSS style
> 
> I can not say yes for your approach without above considerations.

In my opinion the PIN dialog would follow other alert dialogs in the
browser with respect to language (locale) and accessibility.

The PIN dialog would not have links to CSS because it comes from
the platform when a key is subject to a private/secret key-operation.

The PIN policy is (in the proposal...) limited to x number of retries.
If you screw-up your only option would be getting a new key.

PIN encoding would follow the rest of Web Crypto, I guess.

The advantage with this scheme compared to server-based PINs is
the issuer doesn't have to store or validate PINs.

An option could be a local PIN input based on a server-based
policy.  This is an intrinsic part of my SKS/KeyGen2 scheme
and I think it works pretty nice.

Regards,
Anders

> 
> 
> 
> On Tue, Apr 2, 2013 at 8:10 PM, Anders Rundgren <anders.rundgren@telia.com <mailto:anders.rundgren@telia.com>> wrote:
> 
>     Since an issuer of a key has (if I didn't got it all wrong...) full "usage" access to a key it has issued including signing whatever it wants there are obviously some trust isolation limits of the Web Crypto API.  Note: I don't see that as a big problem.
> 
>     Anyway, in such a context it wouldn't be completely wrong adding something like a "setPIN (value, retries)" method to a key which for subsequent uses of the key would require the user providing a matching PIN.
> 
>     The policy of the PIN would be defined in a traditional web-process.
> 
>     Anders
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -- 
> Mountie Lee
> 
> PayGate
> CTO, CISSP
> Tel : +82 2 2140 2700
> E-Mail : mountie@paygate.net <mailto:mountie@paygate.net>
> 
> =======================================
> PayGate Inc.
> THE STANDARD FOR ONLINE PAYMENT
> for Korea, Japan, China, and the World
> 
> 
> 
>

Received on Tuesday, 2 April 2013 14:37:25 UTC