RE: basic principle of key ownership

Hi,

Let me add some additional comments to Mountie's point about the key ownership of a certificate and key.

A certificate is a credential that binds an identity of a subject to a public key.
If the issued certificate is bound to a specific web application or web site, then it can be called an origin-specific certificate and key.
If the issued certificate is bound to a specific user, then it can be called an origin-free or independent certificate and key.

In the use case of, for example, a TLS client certificate issued to a specific web site, the certificate is only valid for that web site to authenticate or make a secure channel.
However, as in the Korean online banking use case, if a certificate is issued to a bank user by one of the licensed CA servers and it can be used at any bank in Korea for authentication or wire transfer, this will be a case of an origin-free certificate and key. This is only possible because every online banking website trusts the licensed CA servers operating in Korea.

Therefore, to my understanding, as far as the certificate is concerned, it can be used under both the same-origin policy and a cross-origin policy.

Regards

Sangrae

===========================================================
Sangrae Cho
Authentication Research Team
ETRI (Electronics and Telecommunications Research Institute)
218 Gajeongro, Yuseong-Gu, Daejeon, 305-700, KOREA
Phone : +82-42-860-6939   Fax : +82-42-860-1471
===========================================================


From: Mountie Lee [mailto:mountie@paygate.net]
Sent: Sunday, April 28, 2013 6:41 PM
To: Web Cryptography Working Group
Subject: basic principle of key ownership

Hi.

I think we need agreement on the principle of key ownership between working group members.

Key ownership is divided into two sides.
- provisioner side: mostly the cloud, server or web application side.
- user side: the user as a human.

When we review the issues with different views of key ownership,
the result is totally different.

I give the following examples.

[sign]
- in the view of the provisioner side, the signature will be generated silently.
- in the view of the user side, the signature will be generated with user consent.

[erasure]
- in the view of the provisioner side, the key can be erased silently, like garbage collection.
- in the view of the user side, the key should not be erased without user consent.

[key generation]
- in the view of the provisioner side, the key will be generated silently.
- in the view of the user side, the key will be generated with user consent.

[pre-provisioned key]
- in the view of the provisioner side, the use case is acceptable.
- in the view of the user side, the use case is unacceptable, because the user did not allow it.

[same-origin policy]
- in the view of the provisioner side, it is a strong security policy because the key is bound to some of the provisioners.
- in the view of the user side, the user is able to use "my key" on any site by my own decision.

---------------

As we see in the above examples,
the results are very different depending on the understanding of key ownership.

Non-US banking use cases (Korea, EU...)
are based on "USER has key ownership".

The key means the certificate and its bound private key.

When the WG members agree on this principle, many of the conflicts can be easily solved.

regards
mountie.

--
Mountie Lee

PayGate
CTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net

=======================================

PayGate Inc.

THE STANDARD FOR ONLINE PAYMENT

for Korea, Japan, China, and the World

Received on Monday, 29 April 2013 08:21:11 UTC