Re: crypto-ISSUE-26 (multi-origin access): Should key generation be allowed to specify multi-origin shared access [Web Cryptography API]

Assuming that cross-domain usage of keys applies to only asymmetric keys (thus we have 'certificates' with attributes the user can inspect), I tend to agree with you.
However, putting the privacy hat on, it's possible that users are not always wise enough or attentive enough to know what decision to make (another pop-up to click through). It is possible that a corporate cert could be detected by other sites where they had no business of knowing.

This brings me to another question – I am assuming that the application sifts through the crypto.keys array to decide which key to use and which key to prompt the user with. Again, putting the privacy hat on, that may be too late to prevent the application from knowing what all keys are there.

Seetharama


On 8/22/12 2:07 PM, "David Dahl" <ddahl@mozilla.com> wrote:

I think at first the single-origin concept for this API was short-sighted as we will not have the ability to build decentralized, non-walled-garden applications.

On the question of whether an approved-origin for a specific key can approve further origins: This operation is perhaps better and more securely handled by the browser implementation. I can imagine an implementation prompting the user for approval when an attempt to use a key is initiated x-domain for the first time, with the browser updating the key origin access list with "remember this choice" checked, etc...

Cheers,

David

----- Original Message -----
From: "Web Cryptography Working Group Issue Tracker" <sysbot+tracker@w3.org>
To: public-webcrypto@w3.org
Sent: Wednesday, August 22, 2012 2:43:00 PM
Subject: crypto-ISSUE-26 (multi-origin access): Should key generation be allowed to specify multi-origin shared access [Web Cryptography API]

crypto-ISSUE-26 (multi-origin access): Should key generation be allowed to specify multi-origin shared access [Web Cryptography API]

http://www.w3.org/2012/webcrypto/track/issues/26

Raised by: Ryan Sleevi
On product: Web Cryptography API

The charter defines "access-control mechanisms beyond the enforcement of the same-origin policy" as "out of scope".

However, it was initially proposed by David Dahl that, during key generation, an application may be permitted to specify that alternative origins be allowed to access the same key material. For example, it might include a DOMString[] of authorized origins, for which, if the key is generated, they're permitted to access.

Additionally, there's an outstanding question as to whether an origin, with access to a key, may be able to grant access to other origins proactively.

Received on Wednesday, 22 August 2012 21:07:33 UTC
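
The sketch below is an added example, not part of the thread and not code from any browser or from the Web Cryptography API. It models the two ideas discussed above: an origin access list that only the user's answer to a first-use prompt can extend, and key enumeration filtered per origin so a site cannot detect keys it has no business knowing about. `KeyStore`, its methods, the origins and the key name are all hypothetical.

```javascript
// Hypothetical model only: KeyStore, generate, list and use are illustrative
// names, not part of the Web Cryptography API or any browser.
class KeyStore {
  constructor(promptUser) {
    this.keys = new Map();        // keyId -> Set of origins allowed to use the key
    this.promptUser = promptUser; // (origin, keyId) => boolean; stands in for browser UI
    this.prompts = 0;             // how many times the user was asked
  }

  // Key generation with an optional list of additional authorized origins.
  generate(origin, keyId, sharedOrigins = []) {
    this.keys.set(keyId, new Set([origin, ...sharedOrigins]));
  }

  // Enumeration is filtered per caller, so a page cannot learn which other keys exist.
  list(origin) {
    return [...this.keys.entries()]
      .filter(([, allowed]) => allowed.has(origin))
      .map(([keyId]) => keyId);
  }

  // First cross-origin use prompts the user; approval is remembered on the
  // access list. Only the user's answer, never page script, extends the list.
  use(origin, keyId) {
    const allowed = this.keys.get(keyId);
    if (!allowed) return "not-found";
    if (allowed.has(origin)) return "ok";
    this.prompts += 1;
    if (this.promptUser(origin, keyId)) {
      allowed.add(origin);
      return "ok";
    }
    // Assumption: denial looks the same as a missing key, so it confirms nothing.
    return "not-found";
  }
}

// Constructed sample: the user approves only https://partner.example.
function demo() {
  const store = new KeyStore((origin) => origin === "https://partner.example");
  store.generate("https://corp.example", "corp-signing-key");
  return {
    strangerSees: store.list("https://tracker.example"),
    strangerUse: store.use("https://tracker.example", "corp-signing-key"),
    partnerFirstUse: store.use("https://partner.example", "corp-signing-key"),
    partnerSecondUse: store.use("https://partner.example", "corp-signing-key"),
    partnerSees: store.list("https://partner.example"),
    prompts: store.prompts,
  };
}
```

Every unapproved cross-origin attempt still costs the user a prompt in this model, which is the click-through concern raised in the reply.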