- From: David Dahl <ddahl@mozilla.com>
- Date: Thu, 27 Sep 2012 14:04:58 -0700 (PDT)
- To: Ryan Sleevi <sleevi@google.com>
- Cc: Harry Halpin <hhalpin@w3.org>, Emily Stark <estark@mit.edu>, Wan-Teh Chang <wtc@google.com>, public-webcrypto@w3.org, GALINDO Virginie <Virginie.GALINDO@gemalto.com>
----- Original Message ----- > From: "Ryan Sleevi" <sleevi@google.com> > To: "David Dahl" <ddahl@mozilla.com> > Cc: "Harry Halpin" <hhalpin@w3.org>, "Emily Stark" <estark@mit.edu>, "Wan-Teh Chang" <wtc@google.com>, > public-webcrypto@w3.org, "GALINDO Virginie" <Virginie.GALINDO@gemalto.com> > Sent: Thursday, September 27, 2012 3:51:31 PM > Subject: Re: Suggestions on high-level API - perhaps a meeting next week? > > On Thu, Sep 27, 2012 at 12:24 PM, David Dahl <ddahl@mozilla.com> > wrote: > > As far as use cases are concerned, I can think of 2 offhand, and I > > think they cover many sites/developer needs: > > > > 1. Zero-knowledge cloud-storage of data: messages, documents, etc. > > - in the event of a server compromise, the attacker has nothing. > > In the event of server compromise, the attacker can supply new > hostile > script that instructs the UA to decrypt the message/document/etc and > then supply that to the server. > In the case of messaging, many applications will not save the cipher messages to the server persistently. If the keys used to encrypt the messages are session keys, and the server operator is using a tight CSP, we might have a better use case. Of course, many other attacks exist:( > Which is why I mentioned the desire for use cases, since clearly some > of these require thinking carefully about the security model and > making sure that it's even possible to address the use cases. > Yes, indeed, this use case and security model work is never ending. Cheers, David
Received on Thursday, 27 September 2012 21:05:26 UTC