- From: <bugzilla@jessica.w3.org>
- Date: Fri, 16 May 2014 20:58:04 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25721

elijah@riseup.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |---

--- Comment #6 from elijah@riseup.net ---

> And the application author - NOT the user - is capable of making this tradeoff.
> There is zero value in presenting to the user, which is why this is INVALID.

This is the very crux of the matter. Does choosing to run a JavaScript application mean that the user must accept all the choices made by this application?

The answer should be a resounding NO. In the real world, we are often not presented with rational choices where we can decide not to use a particular website.

Imagine, for example, my bank sends me documents that need to be digitally signed. They use the services of a web service that does secure digital signatures of documents. I don't have a meaningful choice to not use the web service, but I should be given the choice of whether the web service is allowed access to my private keys generated by that origin. So long as I don't give up my private keys, I don't even care if someone has hacked the signature service and stolen their database of users. I might be forced to use the service, but that doesn't mean I need to give them the power to sign documents on my behalf.

The very fact that the extractable flag exists at all is evidence that key material is not the same as JavaScript code. If there really were no difference at all, and to run code you just need to trust it for everything and do whatever it wants, then there would be no purpose whatsoever in having an extractable flag. It would not be coherent, and all keys should be extractable.

Because of CORS and postMessage, it is entirely probable that in the future JavaScript apps will request that operations happen with keys created by other origins. One can imagine a million uses for this kind of thing, from signatures to payments to confidential messaging. Because of the likely monopoly power of the services creating these keys (think PayPal, Amazon, etc.), it does not make sense to say to the user "you must submit to whatever decisions the monopoly service decides happens to your private keys for that service."
Received on Friday, 16 May 2014 20:58:05 UTC