Re: Feedback, comments and so about WG Web Cryptography API from Ryan Sleevi on 2013-10-22 (public-webcrypto-comments@w3.org from October 2013)

From: Ryan Sleevi <sleevi@google.com>
Date: Tue, 22 Oct 2013 11:53:56 -0700
To: helpcrypto helpcrypto <helpcrypto@gmail.com>
Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>, Harry Halpin <hhalpin@w3.org>
Message-ID: <CACvaWva4TR3QkkRqqd2W6kmPE-9QGzejHj9=wGw4+eW-3C0Pbw@mail.gmail.com>
On Tue, Oct 22, 2013 at 11:13 AM, helpcrypto helpcrypto <
helpcrypto@gmail.com> wrote:

> Hi all!
>
>
> Few months ago I asked about WebCrypto state of the art.
> Today, many things have changed and after a long reading, here I go again.
>
> Please, *feel free to send me any comments, corrections or suggestions*,
> they are all welcome.
> I truly thank your answers!!!
>
>
> If I didn't understand wrong, *there are currently 3 documents to have in
> mind*:
>
> WebCrypto API: [1]
> Which focus on API to make operations such signing or verifying. This has
> been already implemented by [2] for Javascript.
>
> Firstly, there are some parts I have interest in:
>     13.2.6. The generateKey method
>     13.2.9. The importKey method
>     13.2.10. The exportKey method
>
> *I know that "handling the keys" is out of the scope of this document
> (smartcards too)*, but I'll like to know if, as an integrator, I'll be
> able to generate a key pair on CSP/NSS/PKCS#11 modules, or import/export
> keys from my smartcards using -for example- a PKCS#11 interface. In other
> words:
> *Will this invoke microsoft-csp or linux-nss operations under this layer
> to get access to keystores?*
> (I think so, but looking for confirmation)
>

As you acknowledge, it's out of scope of this document. You're asking a
question about how implementations decide to expose potentially
security-relevant features and the risks to users.

The API provides no statement of this.



>
> I'm also missing a* getKey(filter)* function that returns a handler to
> use keys in operations like sign(key,data).
> *Do you plan to add it?*
>

Considering the above comment, this is not intended for this release.


>
> *Will be possible to specify a filter/unicode string to search on
> subject/cert?*
>

Not in scope.


>
>
> I think key protection is also outside of the scope of this document, but:
> *Will it be possible to make a key "sticky", being able to sign more than
> 1 document with "one PIN" only? (batch mode)
> *
>

PINs handling is not in scope.


> * *
> Finally, [3] says "Also, the system must display to the user the data that
> is being signed, so that he knows what he is signing"
>

This is a much older, unmtained document.


> I'll like to publicly ask, request, beg, plead, pray...this to be human
> readable.
> Old Mozilla's signText was one of the worst -imho- *human *friendly GUIs
> ever made.
> *Could it be possible to display what the user is going to say using
> tools like PDF.js (for PDF files)?
> Could it be possible to display a short customizable message like: "Hi
> peter, here are the documents you have to sign!"?*
>

As above, this is not something the WG is providing.


>
>
>
> KeyDiscovery: [4]
> This document purpose is to define how the keys will be recovered from the
> browser.
>
> IMHO, the *getKey *function IS the link between these two documents, and
> thats the reason why WebCrypto spec should contain the function and
> reference to KeyDiscovery (not the way around).
>
>
> Reading this document, I not sure if I understood this part:
>   interface NamedKey : Key {
>       readonly    attribute DOMString  name;
>       readonly    attribute DOMString? id;
>   };
>
> *Will getKeyByName("PETER") will look for all keys containing (in any
> attribute) the word "PETER"?*
> (If that's correct, im happpy to hear it!)
>
> Also, will be great to be able to filter by keystore like
> getKey(keystore,filter).
> This keystore could match CSP name or PKCS#11 library. All keystores
> should be queried if no keystore provided.
> *Could this be possible?*
>
> Some examples, like [5] will be much appreciated.
>
>
> High-Level API: [6]
>
> *Cant this document be merged with [1] as callbacks?*
>

Considering that David Dahl is no longer with Mozilla and, to the best of
my knowledge, no longer participating in this group, I suspect that either
another (WG member) needs to step up as editing or, as discussed during the
eBay F2F, this document be discontinued and removed. Harry?


>
>
>
> Last but not least, *I'll like to thank the big effort you are doing with
> this*. With each little step of this spec in happier in my daily work,
> knowing one day in the future, ill get rid of Java.
>
> Thank you all!!!
>
>
> [1] https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html
> [2] polycrypt.net
> [3] http://www.w3.org/2012/webcrypto/wiki/Use_Cases
> [4]
> https://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html
> [5] https://github.com/daviddahl/domcrypt
> [6] https://dvcs.w3.org/hg/webcrypto-highlevel/raw-file/tip/Overview.html
>
>
Received on Tuesday, 22 October 2013 18:54:25 UTC