- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Thu, 23 May 2013 12:40:54 +0200
- To: Nikos Mavrogiannopoulos <nikos.mavrogiannopoulos@esat.kuleuven.be>
- CC: public-webcrypto-comments@w3.org, danny de cock <Danny.DeCock@esat.kuleuven.be>, Filipe Beato <filipe.beato@esat.kuleuven.be>
On 2013-05-23 10:40, Nikos Mavrogiannopoulos wrote:

> Our reading of the API suggests that it is not sufficient to handle
> smart cards. Smart cards are widely available security tokens (citizen
> IDs in several countries are such) that allow cryptographic operations
> with a private key that is not extractable. The private key is typically
> PIN protected.

This is true but exposing such cards to untrusted web-code is not a viable option.
However, a fairly simple first-step has been proposed. See last paragraph of:
http://lists.w3.org/Archives/Public/public-webcrypto-comments/2013Apr/0064.html

> In our view what is needed to support those keys:
> * Generation:
> The generateKey should allow the specification of a location (e.g.,
> with a PKCS #11 URL [0]), and it should be able to return an identifier
> that can be used to access the object.

https://lists.oasis-open.org/archives/pkcs11-comment/201305/msg00000.html

> * Cloning:
> The ability to clone a key on an SC should not be assumed.
>
> * Importing:
> A way to import a named key (e.g., using a PKCS #11 URL) should be
> allowed to access a smart card key.
>
> * Exporting
> Non-Extractable keys should not be expected to be exported, nor any
> private key parameters should be accessible.
>
>
> Note that from a user interface perspective the user should be warned
> by the browser prior to allowing any access on its smart cards by a
> webapp.
>
> [0]. http://tools.ietf.org/html/draft-pechanec-pkcs11uri-09

Anders

Received on Thursday, 23 May 2013 10:41:35 UTC