W3C home > Mailing lists > Public > public-webcrypto@w3.org > August 2012

Re: crypto-ISSUE-30 (where is the key ?): How does the application know where the key is stored ? [Web Cryptography API]

From: Seetharama Rao Durbha <S.Durbha@cablelabs.com>
Date: Wed, 29 Aug 2012 12:03:22 -0600
To: Ryan Sleevi <sleevi@google.com>, Lu HongQian Karen <karen.lu@gemalto.com>
CC: Ali Asad <Asad.Ali@gemalto.com>, GALINDO Virginie <Virginie.GALINDO@gemalto.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CC63B2D4.5911%s.durbha@cablelabs.com>


On 8/29/12 11:35 AM, "Ryan Sleevi" <sleevi@google.com<mailto:sleevi@google.com>> wrote:

On Wed, Aug 29, 2012 at 10:02 AM, Lu HongQian Karen
<karen.lu@gemalto.com<mailto:karen.lu@gemalto.com>> wrote:
Hi Ryan,

I agree with you that Issue-30 needs more elaboration.

Regarding to keylocation, I was thinking

Enum keyLocation {
   None, // unspecified
   Browser, // browser's storage
   Local, // local storage other than browser's
   CryptoProvider // complexity: a user agent may have more than one cryptoProviders
};

The distinction between "Local" and "CryptoProvider" is fundamentally
flawed in assuming an implementation detail - since an implementation
may access "Local" (which I assume to mean 'OS storage', but in fact
can mean much more) storage via CryptoProviders.

In fact, all Browser storage is could simply be another CryptoProvider.
Note that the reason we are down this path is so that the application can limit the keys it wants the user to select. If you look at it, fundamentally, it is based on a provisioning model the app uses. Thus if the app provisioning does not include direct browser memory (regardless of what crypto provider the browser users), and only includes smart cards (external), then the app wants to search for 'external' keys only.

We are not talking about how browsers implement their storage  but how applications treat that storage. Its a question of key provisioning and trust models used.


So now we're down to only two (meaningful to web application) flags

enum {
  None,
  CryptoProvider
};

And since you may have multiple cryptoproviders, suddenly you need
ways to disambiguate crypto providers, and now you're back to an API
that requires providers, which has been repeatedly agreed that is not
a focus of this WG nor something that can be reliably implemented
across user agents.
Received on Wednesday, 29 August 2012 18:04:13 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:01:26 UTC