- From: Ryan Sleevi <sleevi@google.com>
- Date: Wed, 3 Apr 2013 11:34:28 -0700
- To: Jeffrey Walton <noloader@gmail.com>
- Cc: Anders Rundgren <anders.rundgren@telia.com>, "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>

In the current low-level API - that is, what the WG is actively working on - origins have full access to keys that they create on that origin, and keys cannot be shared between origins [short of postMessage + clonability]. Mark's proposal for key discovery provides no way for the issuer to revoke or re-provision keys - that is, such discussions and functionality are left entirely out of the spec.

On Wed, Apr 3, 2013 at 11:26 AM, Jeffrey Walton <noloader@gmail.com> wrote:
> Hi Anders,
>
> On Tue, Apr 2, 2013 at 7:10 AM, Anders Rundgren
> <anders.rundgren@telia.com> wrote:
>> Since an issuer of a key has (if I didn't get it all wrong...) full "usage" access to a key it has issued including signing whatever it wants there are obviously some trust isolation limits of the Web Crypto API. Note: I don't see that as a big problem.
>>
> Sorry to rewind this. Has anyone from legal briefed you on the topic?
> Is it the case an issuer has full access to a credential issued to a
> user if it's installed on a user's device? How about if the user
> re-provisions the key, so it's used for another site too?
>
> I'm curious since I don't believe I've ever encountered it in the
> field. I am aware that remote wipes have some unanswered legal
> questions [1], and imagine wiping a credential used at another site
> might expose the firm to some legal risk.
>
> Jeff
>
> [1] http://www.forbes.com/sites/ciocentral/2012/07/10/mobile-security-the-fallacy-of-remote-wiping-your-phone-2/3/

Received on Wednesday, 3 April 2013 18:34:55 UTC