Re: comments on web crypto API: Side effects of a low-level API [1/6] from Anders Rundgren on 2013-05-24 (public-webcrypto-comments@w3.org from May 2013)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Fri, 24 May 2013 16:24:35 +0200
To: Nikos Mavrogiannopoulos <nikos.mavrogiannopoulos@esat.kuleuven.be>
CC: public-webcrypto-comments@w3.org, danny de cock <danny.decock@esat.kuleuven.be>, Filipe Beato <filipe.beato@esat.kuleuven.be>
Message-ID: <519F7823.4080603@telia.com>

On 2013-05-24 15:45, Nikos Mavrogiannopoulos wrote:
> On 2013-05-23 14:11, Anders Rundgren wrote:
>>> A solution to that approach would be to offer high level API to 
>>> handle
>>> the common of the expected use cases of the low level API, and that 
>>> high
>>> level API will use standardized protocols, implemented in the 
>>> browser.
>>> For example:
>>> * An API to upload an encrypted and authenticated file
>>>   -> the browser uses the standardized procedure and the user is
>>> notified by the browser that his file will be encrypted prior to
>>> uploading
>> What you are indirectly saying is that there are cryptographic 
>> methods
>> that can guide an average "neticen".  Although I can't speak for the
>> WG (since I'm not a member), I don't think this is the general 
>> feeling.
>> You essentially have to trust a web-site for "Doing the right 
>> thing(tm)".
>> The specific use-case suffers from the fact that a user cannot know
>> how the encrypted document is dealt with _after_ it has been 
>> received.
> 
> I don't quite agree. I don't trust any website to implement its own 
> secure communications protocol. For that I use TLS. I trust the site I 
> visit for a specific purpose (e.g. to sell books), not for designing 
> secure protocols. The current API cannot be used as is by an average web 
> designer since it requires him to become a secure protocol designer and 
> handle low level cryptographic aspects (which even cryptographers may 
> get wrong). I'd really suggest the WG to think about the target-audience 
> of this framework and offer an appropriate toolbox to them.

Hi Nikos,

I think Web Crypto (if the WG manages to get optional support for
pre-provisioned keys into the pudding...) will spur a lot of new
interesting protocols but that will happen outside of the WG.

Experts in secure protocols like yourself will be the main contributors.
It is _possible_ that one or more protocols that could benefit from
native support will emerge but I don't think anybody is ready with that now.

That is, I fully agree with you that the target audience is _not_ your
average web-developer.  It will though be hard finding anything comparable to TLS.

Cheers
Anders

> 
> regards,
> Nikos
> 
> 
>

Received on Friday, 24 May 2013 14:25:22 UTC