Re: Web app permissions to access WebCrypto related components?

Jeff,

Since you were mentioning Android it might be fun knowing that the ARM
people (who power the majority of Android devices) have recently launched
a system (and sold it to a few handset makers as well...) where so-called
TAs (Trusted Applications) run inside of their hardware virtualization
secure layer called TrustZone.  Such applications are written in C.

No web there whatsoever.

UI-wise we will (if ARM succeed with this mission...) have to use things like this already-shipping system from Intel:
https://communities.intel.com/community/vproexpert/blog/2012/05/18/intel-ipt-with-embedded-pki-and-protected-transaction-display

It may be a security-person's "wet dream"; personally it feels more like a nightmare :-)

Anders


On 2014-05-31 09:45, Jeffrey Walton wrote:
> On Sat, May 31, 2014 at 3:10 AM, Ryan Sleevi <sleevi@google.com> wrote:
>> ...
>> Jeff,
>>
>> While I appreciate the feedback, it does seem you are fairly confused about
>> this API. While I hope the above is able to provide some clarification, I
>> would suggest that before you spend too much time worrying about the
>> security model - and such things like Java sandboxing and code signing - it
>> might help to focus a bit more on understanding the web security model and
>> the existing APIs that are part of the platform (eg: IndexedDB).
>>
>> I can't help but feel like the current comments stem from a place of
>> misunderstanding, that perhaps the cart was placed before the horse. I only
>> mention this to make sure that we don't spend too much time discussing the
>> above responses without first making sure we are on the same page as far as
>> how the platform works.
>>
>> This would avoid things like comparison to Java or native applications, give
>> an understanding of what permissions look like, give an understanding of
>> what the threats are, what malware conceptually looks like, and all of these
>> other important concepts. Once this is in place, then it's a good position to
>> evaluate what or how WebCrypto alters this - with the answer clearly being
>> 'not at all, because it is all possible today, just not as securely as with
>> WebCrypto'
> Thanks Ryan. There are some misunderstandings, but I don't believe it's
> as bad as you think. There's also a desire to understand what
> additional controls we have with new technologies like WebApps and
> WebCrypto so an HTML5/CSS/JavaScript app can handle more than low
> value data.
>
> Jeff
>

Received on Saturday, 31 May 2014 08:04:18 UTC