Re: Follow-up. Re: Use case: Authenticate using eID from Arun Ranganathan on 2013-05-15 (public-webcrypto@w3.org from May 2013)

From: Arun Ranganathan <arun@mozilla.com>
Date: Wed, 15 May 2013 14:17:22 -0400
To: Mountie Lee <mountie@paygate.net>
Cc: "Richard L. Barnes" <rbarnes@bbn.com>, Nick Van den Bleeken <Nick.Van.den.Bleeken@inventivegroup.com>, Aymeric Vitte <vitteaymeric@gmail.com>, "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>
Message-Id: <7217C91E-E8C2-4991-840B-BCC56CABE0E5@mozilla.com>

Mountie,

Another subtle aspect of this model might be found in the way Origin A, which performs cryptographic operations on behalf of Origin B, interacts with the user:

On May 15, 2013, at 6:27 AM, Mountie Lee wrote:

> Hi.
> visibility has no meaning for blindness.
> 
> iframes can be invisible when it run silently.
> 
> but
> with the view of key ownership,
> we can image some interactions between user and script.
> - showing content for signing.
> - entering passphrase for private key access which is associated with certificate
> - getting user consent for many purposes.
> 

On the web today, OAuth is fairly prevalent, and is used to authenticate users on some sites with well-established identities on other sites.  To take a practical example, the Facebook, Twitter, and LinkedIn identities (authentication credentials like usernames and passwords) often are used to authenticate users on different sites.  I like this model; users understand it.  We can migrate this model over to our world that uses postMessage within the UA (in lieu of the complicated protocol steps of OAuth).

In our world, OriginA might be considered an iDP (identity provider).  OriginB might be considered a relying party.  Sure, OriginB might use an invocation of OriginA through an iframe, but OriginA might solicit user credentials and thus spawn a UI flow.  Origin A can be explicit about what it grants.

"User consent" that follows the model of OAuth (for inspiration about a UI consent model, of course) on the web today is both feasible and desirable.  Accessiblity can thus be subject to all the usual considerations -- business as usual :-)

Also, I agree with your point made in earlier correspondence about differences about "who owns the key" as being philosophical.  It is philosophical, depending on how you think about the origins.  We're essentially building a web of origins, no different than the web that exists right now.  

If you have further questions about this, I'm happy to answer them off-list.  Hopefully when the use case is documented it will also answer your questions.

-- A*

Received on Wednesday, 15 May 2013 18:17:54 UTC