- From: Harry Halpin <hhalpin@w3.org>
- Date: Mon, 08 Jul 2013 20:16:24 +0200
- To: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- CC: Mark Watson <watsonm@netflix.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <51DB01F8.2000103@w3.org>
On 07/08/2013 06:31 PM, GALINDO Virginie wrote:
>
> Thanks Mark for this proposal, which makes your request crystal clear.
>
> We will allocate some time during the next call in 2 weeks, to collect
> feedback from editors and have your proposal integrated in the next
> public working draft, as it was supposed to.
>

I missed the last call and it appears there was lots of discussion over the security boundary actually being offered by I can imagine a case where no real security boundary that JS code makes sense (i.e. private key material stored in say, localStorage, and can be easily exported in some fashion), but if a real security boundary is offered to non-extractable keys, then it seems doing wrap/unwrap in JS doesn't seem to make sense.

This seems like, as many people will try to store private key material as non-extractable, something we should clarify with an informative note somewhere in the spec.

Are the various browser vendors planning on doing anything around security boundary for keys of structured clone (while maintaining persistence/lifespan/etc.) at all to enforce non-extractable properties for keys?

yours,
harry

> Regards,
>
> Virginie
>
> *From:* Mark Watson [mailto:watsonm@netflix.com]
> *Sent:* lundi 8 juillet 2013 18:06
> *To:* public-webcrypto@w3.org
> *Subject:* Key wrap/unwrap/import/export open issue
>
> All,
>
> As discussed on a recent call, the key wrap/unwrap support in the
> latest Working Draft differs from the original proposal
> (http://www.w3.org/2012/webcrypto/wiki/KeyWrap_Proposal) in two
> important ways. First in leaving key wrap format to the JS code and
> second in not defining and mapping JWK attributes for the WebCrypto
> Key attributes (extractable and usages).
>
> The first point is a clear improvement over the original proposal (IMO).
>
> This second point means we do not have support for unwrapping
> non-extractable keys (and maintaining that property) in the core
> draft*. This is properly addressed in the import/export sections,
> which remain empty (no changes to the wrap/unwrap text are necessary).
>
> The group previously agreed that the original proposal should be
> included in the draft. I've described the issue in more detail and
> extracted the relevant parts of the original proposal here:
> http://www.w3.org/2012/webcrypto/wiki/KeyWrap_Notes_July
>
> ...Mark
>
> * i.e. without appealing to special behaviours attached to
> pre-provisioned keys out-of-band.
>
Received on Monday, 8 July 2013 18:16:29 UTC
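
An added example, not part of the original message or of the draft under discussion: unwrapping a key with extractable set to false, so the raw bytes never reach script, shown against a wrapping key that script cannot use for decrypt(). It assumes the Web Crypto API as implemented today (crypto.subtle in browsers and Node.js), not the 2013 draft; the names demo and canExport and all keys and messages are constructed for illustration.

```javascript
// Added example; uses today's crypto.subtle, not the 2013 Working Draft API.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const HMAC = { name: "HMAC", hash: "SHA-256" };

// True if script can read the raw key bytes back out of the CryptoKey.
async function canExport(key) {
  try { await subtle.exportKey("raw", key); return true; } catch { return false; }
}

async function demo() {
  // Constructed fixed IV: acceptable for one message under a fresh key, never reuse.
  const gcm = { name: "AES-GCM", iv: new Uint8Array(12) };

  // Wrapping key limited to wrapKey/unwrapKey, and itself non-extractable.
  const kek = await subtle.generateKey(
    { name: "AES-GCM", length: 256 }, false, ["wrapKey", "unwrapKey"]);

  // Constructed key to transport; extractable so that it can be wrapped at all.
  const source = await subtle.generateKey(HMAC, true, ["sign", "verify"]);
  const wrapped = await subtle.wrapKey("raw", source, kek, gcm);

  // Unwrap inside the implementation, requesting extractable = false.
  const opaque = await subtle.unwrapKey(
    "raw", wrapped, kek, gcm, HMAC, false, ["sign", "verify"]);

  // The unwrapped key still works for its declared usages.
  const msg = new TextEncoder().encode("constructed message");
  const tag = await subtle.sign("HMAC", opaque, msg);

  // Unwrapping "in JS" would mean decrypting the blob in script. The usage
  // list on the wrapping key is what refuses that here.
  let scriptSawBytes = true;
  try { await subtle.decrypt(gcm, kek, wrapped); } catch { scriptSawBytes = false; }

  return {
    extractableFlag: opaque.extractable,
    exportWorks: await canExport(opaque),
    stillUsable: await subtle.verify("HMAC", source, tag, msg),
    scriptSawBytes,
  };
}

demo().then((r) => console.log(r));
```

If the wrapping key also carried the "decrypt" usage, the same blob could be decrypted by script and the non-extractable flag on the imported key would no longer describe who has seen the bytes.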