On Thu, Nov 14, 2013 at 4:16 PM, Alexey Proskuryakov <ap@webkit.org> wrote: > (re-sent from correct address) > > 13 нояб. 2013 г., в 0:00, Ryan Sleevi <sleevi@google.com> написал(а): > > > Even aside from the wrapping concern (since JOSE has declared that > > wrapping is a form of encryption, ergo it reuses the "enc" usage), it > > seems desirable to be able to express the 'direction' of a key to > > prevent cryptographic misuse, much in the same way that the selection > > of algorithm prevents misuse. > > I agree that this is useful, however I'm not sure if it follows that it > should be part of key format. > > The reason for adding "extractable" to key format is to enforce > non-extractability for keys that are unwrapped by less trusted JavaScript > code. Everything else can be just passed as arguments to importKey or > unwrapKey, and doesn't have to be protected from JavaScript as far as I can > tell. > If it is undesirable for a key to be exposed to the JS then it is also undesirable for it to be used for the wrong usage by that same JS, so the enforcement of the usages is useful. Consider the example I gave where a key is intended to have usage "unwrap". If that usage is changed to "decrypt" then key data that should only be visible inside the UA can be exposed to the JS. ...Mark > > - WBR, Alexey Proskuryakov >
Received on Thursday, 14 November 2013 08:40:58 UTC