- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Thu, 18 Apr 2013 14:34:50 -0400
- To: Carsten Bormann <cabo@tzi.org>
- CC: Web Payments CG <public-webpayments@w3.org>, ietf-http-wg@w3.org
On 04/18/2013 12:39 PM, Carsten Bormann wrote: > No, I just reported that I got stuck trying to find out the security > properties. Ok, that wasn't clear. More on this below... > I was also unclear about the security objectives. This is starting > to become a bit clearer with the discussion now, but that doesn't > replace a good exposition of what you are trying to achieve/what you > think you have achieved. This might help with respect to the Web Keys specification: https://hacks.mozilla.org/2013/04/web-payments-with-payswarm-identity-part-1-of-3/ This might help with respect to the Web Payments work: http://blog.meritora.com/launch/ > So, for instance, I'd like to understand your stance on replay a bit > better. Short story: Replay is bad, we try to prevent it. :) We have two protections against replay attacks in Web Key digital signatures. The first is a nonce, which is optional under certain circumstances. The second is a datetime stamp which is used to time-block an attack period (for example - 5 minutes). We made nonces optional as not everyone will require them. The Web Payments specs require nonces to be implemented correctly as an additional security measure. We also require payment processors to always use HTTPS as a further security measure. The documentation is pretty dated on this stuff, but you can read more about it here: https://payswarm.com/specs/source/web-keys/#the-response-token and here: https://payswarm.com/specs/source/web-keys/#message-signature-algorithm > RFC 3552 and RFC 4101 may be good reading for the kind of question > that tends to come up, and RFC 4949 will give you some terminology > to minimize ambiguity. Yep, we're working on explanations about the design behind web keys. Unfortunately, the spec is quite out of date. Implementations match the current design, but we need to move what we do in the implementations back into the Web Keys spec. Keep in mind that the HTTP Signatures spec intended to be a sub-section of Web Keys. We could publish it separately if that would move it toward REC (at W3C) or RFC (at IETF) faster. > Thanks a lot for the appraisal of the httpauth candidates -- this > will be really useful input for the work of that WG. I'll send another e-mail to that mailing list to make sure that we're engaging the right community. I'll stop cc'ing the HTTP WG shortly, unless the conversation should continue in this group as well? -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Meritora - Web payments commercial launch http://blog.meritora.com/launch/
Received on Thursday, 18 April 2013 18:35:20 UTC