IRC log of crypto on 2012-05-14

Timestamps are in UTC.

18:56:52 [RRSAgent]

RRSAgent has joined #crypto

18:56:52 [RRSAgent]

logging to http://www.w3.org/2012/05/14-crypto-irc

18:56:55 [ekr]

zakim, who is here?

18:56:55 [Zakim]

sorry, ekr, I don't know what conference this is

18:56:55 [wseltzer]

zakim, this will by CRYPT

18:56:56 [Zakim]

On IRC I see RRSAgent, Zakim, emily, wtc, ekr, mcdondan, rbarnes, kaepora, Channy, tjr, tl1, ddahl, timeless, davidsarah, wseltzer

18:56:56 [Zakim]

I don't understand 'this will by CRYPT', wseltzer

18:57:53 [wseltzer]

zakim, this will be CRYPT

18:57:53 [Zakim]

ok, wseltzer; I see SEC_WebCryp()3:00PM scheduled to start in 3 minutes

18:58:04 [smc]

smc has joined #crypto

18:58:12 [virginie_galindo]

virginie_galindo has joined #crypto

18:59:52 [rbarnes]

zakim, who's on the phone?

18:59:52 [Zakim]

SEC_WebCryp()3:00PM has not yet started, rbarnes

18:59:54 [Zakim]

On IRC I see virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, rbarnes, kaepora, Channy, tjr, tl1, ddahl, timeless, davidsarah, wseltzer

19:00:54 [PhilipG]

PhilipG has joined #crypto

19:00:57 [Channy]

Hi, all. I'm only on IRC because it's 4am in Korea :)

19:01:21 [ddahl]

hi Channy - thanks for waking up!

19:01:27 [fluffy]

fluffy has joined #crypto

19:01:52 [rbarnes]

zakim, who's on the phone?

19:01:52 [Zakim]

SEC_WebCryp()3:00PM has not yet started, rbarnes

19:01:53 [Zakim]

On IRC I see fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, rbarnes, kaepora, Channy, tjr, tl1, ddahl, timeless, davidsarah, wseltzer

19:02:11 [hhalpin]

hhalpin has joined #crypto

19:02:32 [christopherkula]

christopherkula has joined #crypto

19:02:56 [hhalpin]

Zakim, what's the code?

19:02:56 [Zakim]

the conference code is 27978 (tel:+1.617.761.6200 sip:zakim@voip.w3.org), hhalpin

19:03:16 [rsleevi]

rsleevi has joined #crypto

19:03:17 [christopherkula]

calling from 510-387-xxxx

19:04:16 [MitchZ]

MitchZ has joined #crypto

19:04:21 [rbarnes]

rbarnes has joined #crypto

19:04:23 [virginie_galindo]

hi all, solving few problems of connection with wendy. will be there in a minute

19:04:29 [ddahl]

Zakim, who's on the phone?

19:04:29 [Zakim]

SEC_WebCryp()3:00PM has not yet started, ddahl

19:04:30 [Zakim]

On IRC I see rbarnes, MitchZ, rsleevi, christopherkula, hhalpin, fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, kaepora, Channy, tjr, tl1,

19:04:30 [Zakim]

... ddahl, timeless, davidsarah, wseltzer

19:04:51 [hhalpin]

Zakim, who's on the phone?

19:04:51 [Zakim]

SEC_WebCryp()3:00PM has not yet started, hhalpin

19:04:52 [Zakim]

On IRC I see rbarnes, MitchZ, rsleevi, christopherkula, hhalpin, fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, kaepora, Channy, tjr, tl1,

19:04:52 [Zakim]

... ddahl, timeless, davidsarah, wseltzer

19:04:59 [hhalpin]

Zakim, who's on the phone?

19:04:59 [Zakim]

SEC_WebCryp()3:00PM has not yet started, hhalpin

19:05:00 [Zakim]

On IRC I see rbarnes, MitchZ, rsleevi, christopherkula, hhalpin, fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, kaepora, Channy, tjr, tl1,

19:05:02 [Zakim]

... ddahl, timeless, davidsarah, wseltzer

19:05:47 [Karen]

Karen has joined #crypto

19:05:51 [hhalpin]

Zakim, who's on the phone?

19:05:51 [Zakim]

SEC_WebCryp()3:00PM has not yet started, hhalpin

19:05:52 [Zakim]

On IRC I see Karen, rbarnes, MitchZ, rsleevi, christopherkula, hhalpin, fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, kaepora, Channy, tjr,

19:05:52 [Zakim]

... tl1, ddahl, timeless, davidsarah, wseltzer

19:05:55 [sdurbha]

sdurbha has joined #crypto

19:05:58 [wseltzer]

zakim has been having trouble lately

19:07:22 [Asad]

Asad has joined #crypto

19:08:31 [hhalpin]

Web Cryptography Meeting Convened

19:08:37 [hhalpin]

chair: virginie_galindo

19:08:40 [hhalpin]

scribe: hhalpin

19:08:46 [hhalpin]

Zakim, agenda?

19:08:46 [Zakim]

I see nothing on the agenda

19:08:56 [wseltzer]

agenda+ Introduction

19:09:04 [wseltzer]

agenda+ "Virtual round table" of delegates

19:09:04 [hhalpin]

topic: Introduction

19:09:14 [wseltzer]

agenda+ Brief reminder of usecases for primary features

19:09:23 [wseltzer]

agenda+ Brief presentation of editor's draft API (by editors)

19:09:29 [hhalpin]

virginie: let's have a quick overview of all the topics we need to address

19:09:34 [wseltzer]

agenda+ Review of comments on draft Web Crypto API

19:09:47 [wseltzer]

agenda+ Web Cryptography Usecases and Requirements related to secondary features

19:09:53 [hhalpin]

... and then go over some of the logistics to make sure we are all at the same place.

19:09:59 [wseltzer]

agenda+ Test Suite for Web Crypto API

19:10:08 [wseltzer]

agenda+ Feedback from public conf call

19:10:17 [wseltzer]

agenda+ Group life

19:10:22 [hhalpin]

Zakim, who's on the phone?

19:10:22 [Zakim]

SEC_WebCryp()3:00PM has not yet started, hhalpin

19:10:23 [Zakim]

On IRC I see Asad, sdurbha, Karen, rbarnes, MitchZ, rsleevi, christopherkula, hhalpin, fluffy, PhilipG, virginie_galindo, smc, RRSAgent, Zakim, emily, wtc, ekr, mcdondan, kaepora,

19:10:23 [Zakim]

... Channy, tjr, tl1, ddahl, timeless, davidsarah, wseltzer

19:10:28 [wseltzer]

agenda+ Liaisons with other groups

19:11:34 [MitchZ]

Harry, I'm here! -MitchZ

19:12:22 [tjr]

tjr - Tom Ritter, iSEC Partners. I'm on the phone.

19:13:03 [wseltzer]

kaepora: is that Nadim?

19:13:08 [tjr]

Yes

19:13:21 [sdurbha]

sdurbha: Seetharama Durbha, CableLabs

19:14:02 [hhalpin]

Asad from Gelmato, SDurbha from Cabelalbs, Karen from Gemalto, Richard Barnes (BBN), Ryan Sleevi (Google), Christopher Kula (indepdnent), Fluffy (Cisco), PhilipG (Cisco), Virginie (Gemlato), SMC (Shawn McGregor - Oregon State University) ,m Emily Stark (MIT), , Wan-Teh Changg (Google, Eric (RRTM), McDondan (?? - may not on phone), Kaepora (?? - maybe not on phone), Tom Ritter (iSec partners - IEs), Channy (?? maybe) , tl1 (Tom Lowenthal David (Phone), David

19:14:25 [wseltzer]

agenda?

19:14:25 [ekr]

s/RTRM/RTFM/

19:14:37 [kaepora]

Hey guys

19:14:39 [kaepora]

Sorry I'm late

19:14:45 [hhalpin]

http://www.w3.org/2004/02/Process-20040205/groups.html#good-standing

19:17:12 [emily]

emily has joined #crypto

19:17:17 [hhalpin]

http://www.w3.org/2004/02/Process-20040205/policies.html#coi

19:18:46 [JimD]

JimD has joined #crypto

19:18:50 [hhalpin]

David Hooley (Cablelabs Gate)

19:18:57 [JimD]

Jim Davenport (MITRE) here

19:19:23 [hhalpin]

Jim Davenport (MITRE)

19:20:08 [hhalpin]

public-webcrytpo@w3.org

19:20:13 [wseltzer]

https://www.w3.org/Bugs/Public/enter_bug.cgi?product=WebCryptoWG&component=Crypto%20API

19:20:19 [wseltzer]

(bugzilla)

19:21:41 [wseltzer]

we'll have a separate public-webcrypto-comments list

19:22:20 [hhalpin]

Topic: use-cases

19:22:49 [wseltzer]

zakim, take up agendum 3

19:22:49 [Zakim]

agendum 3. "Brief reminder of usecases for primary features" taken up [from wseltzer]

19:23:16 [hhalpin]

virginie: what we have seen is that the use-cases behind the primary features are under debate last week

19:23:50 [hhalpin]

... I propose we have a wiki-page where we store the use-cases

19:23:57 [hhalpin]

ekr: the primary use-cases are too vague

19:24:28 [Channy]

I just summarized some of features in community wiki. http://www.w3.org/community/webcryptoapi/wiki/Use_Cases It's very starting page.

19:24:30 [hhalpin]

ekr: we need to be a lot more detailed than the list of things, largely because of the requirement of key isolation

19:24:35 [timeless]

RRSAgent, draft minutes

19:24:35 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html timeless

19:24:45 [hhalpin]

... we hvae to list them excruciating detail

19:24:58 [hhalpin]

richard: if we have a requirement that the javascript layer can't handle the key

19:25:08 [hhalpin]

... then we need to have explicit functions for derived key

19:25:28 [hhalpin]

ekr: every single protocol, as there's a azillion different key derivation functions

19:25:29 [hhalpin]

q+

19:26:06 [hhalpin]

karen: I also think we define the scope and the level

19:26:19 [hhalpin]

... most of the messages do not seem aimed at high-value use-cases

19:26:27 [ekr]

Particularly, it needs to say stuff like JOSE, FIPS 800-108, etc.

19:26:39 [kaepora]

Hey guys, I'm in the conference call (I'm Nadim Kobeissi)

19:26:40 [timeless]

s/azillion/zillion/

19:26:45 [hhalpin]

wtc: I suggest that we need to sharpen the editors draft in the use-case

19:26:54 [hhalpin]

ack hhalpin

19:27:02 [tjr]

I proposed some use cases way back in December: http://lists.w3.org/Archives/Public/public-identity/2011Dec/0058.html I can revisit those and flesh them out if desired.

19:27:16 [tjr]

(Some of those are clearly outside the scope now.)

19:27:28 [rbarnes]

tjr: probably would be helpful

19:27:41 [ekr]

tjr: these seem like the right kind of thing.

19:27:52 [ekr]

(not necessarily saying I agree that they are exactly right)

19:29:29 [ddahl]

q+

19:30:00 [kaepora]

I think it's definitely to be interpreted as key isolation

19:30:30 [kaepora]

What else would you do with secret key material?

19:30:58 [kaepora]

How can I put myself on the speaker queue?

19:31:23 [hhalpin]

ddahl: let's consider key material still open at this point

19:31:28 [hhalpin]

... in some cases we'll need it

19:31:33 [ekr]

q+

19:31:40 [timeless]

RRSAgent, draft minutes

19:31:40 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html timeless

19:31:44 [JimD]

good Zakim guide here: http://www.w3.org/2001/12/zakim-irc-bot

19:31:47 [hhalpin]

q- ddhal

19:31:49 [MitchZ]

Isn't the complexity around key isolation really two things: (1) how you derive / access the key or (2) how may crypto APIs you want in the generic case, whether you support key isolation or not?

19:31:53 [ddahl]

q-

19:32:10 [rbarnes]

q+

19:32:26 [MitchZ]

We don't need to add all crypto algorithms under the sun in version 1 of the APIs, do we?

19:32:29 [timeless]

s|s/RTRM/RTFM/||

19:32:34 [timeless]

s/Hey guys//

19:32:38 [timeless]

s/Sorry I'm late//

19:32:49 [timeless]

s/webcrytpo/webcrypto/

19:32:52 [ddahl]

MitchZ: no, we should not

19:32:55 [hhalpin]

kaepora: the charter should be interpreted as key isolation

19:32:59 [timeless]

s/(bugzilla)//

19:33:05 [hhalpin]

... no other thing that is actually helpful

19:33:09 [timeless]

s|https://www.w3.org/Bugs/Public/enter_bug.cgi?product=WebCryptoWG&component=Crypto%20API|-> https://www.w3.org/Bugs/Public/enter_bug.cgi?product=WebCryptoWG&component=Crypto%20API Bugzilla|

19:33:23 [timeless]

RRSAgent, draft minutes

19:33:23 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html timeless

19:33:26 [MitchZ]

can the speaker please introduce himself?

19:33:31 [hhalpin]

ekr: I'm not sure why this a surprise for people, its important to distinguish between two different kinds of key isolation

19:34:01 [hhalpin]

... one form that I effectively trust JS with Key 0, but I'm worried about key theft at a later point

19:34:15 [JimD]

zakim, who's talking?

19:34:15 [Zakim]

sorry, JimD, I don't know what conference this is

19:34:19 [hhalpin]

... the other case is where you consider the browser is a trusted platform, and I'm not even allowed the access the keys

19:34:26 [rbarnes]

q-

19:34:31 [ddahl]

JimD: ekr is talking

19:34:52 [hhalpin]

ekr: we should distinguish them, most of security rationales are about the first, not the second

19:35:09 [hhalpin]

q?

19:35:11 [MitchZ]

q+

19:35:14 [hhalpin]

q- ekr

19:35:44 [hhalpin]

MitchZ: Our concerns around key protection have to be about writing more and more web applicaitons in HTML5, XSS attacks

19:36:12 [hhalpin]

... what is we are pulling down stuff from location we though we were (ala TLS) that may work in some cases

19:36:22 [ekr]

q+

19:36:32 [hhalpin]

... as applications being arbitrarily deployed, our concern is concern is for the user

19:36:36 [JimD]

zakim, this is SEC_WebCryp

19:36:36 [Zakim]

ok, JimD; that matches SEC_WebCryp()3:00PM

19:36:54 [hhalpin]

... if they want to take the keys to different application or a browser, we are worried about rogue attacks and non-renewable firmware

19:37:35 [hhalpin]

ekr: I'll be honest if we have XSS attacks, then we a problem and you need to figure out reseed their applications

19:37:49 [kaepora]

Good distinction: browser/devices

19:38:35 [hhalpin]

MitchZ: that may be true in browser world, but things may be very different in devices where the keys are hidden from anything but secure OS

19:38:47 [hhalpin]

... usually the keys are hidden in HSM is becoming more common and necki

19:38:51 [hhalpin]

agenda?

19:39:04 [timeless]

s|good Zakim guide here: http://www.w3.org/2001/12/zakim-irc-bot||

19:39:14 [MitchZ]

I keep hearing "Eckert"

19:39:20 [MitchZ]

Are people referring to "ekr"?

19:39:23 [rsleevi]

Yes

19:39:25 [MitchZ]

If so, apologies, Eric.

19:39:30 [MitchZ]

Of course I know you ;)

19:39:36 [MitchZ]

We need to do lunch again soon...

19:39:51 [timeless]

s/m Emily/Emily/

19:39:54 [timeless]

s/, ,/,/

19:40:00 [hhalpin]

ekr: in exactly the case in MitchZ is talking about exposure of ephermeral keys is not so bad, but exposure of permanent keys is terrible

19:40:12 [hhalpin]

... a design where every key has to be hidden may be impossible

19:40:18 [hhalpin]

... not an all or nothing issue

19:40:23 [ddahl]

hhalpin: i think this is an open issue that cannot be viewed as an all or nothing situation. I can see some API methods that allow you to create accessible key material, but the default main usage will be via keyID

19:40:56 [rsleevi]

q+

19:41:18 [fluffy]

q+

19:41:27 [hhalpin]

ack MitchZ

19:41:29 [ekr]

so, for instance, if you said that you couldn't access certain long-term keys, but you could export symmetric keying material, the whole KDF problem goes away

19:41:51 [hhalpin]

MitchZ: it is true that in many cases session keys can be revoked and renewed, so maybe XSS isn't a huge issue

19:42:13 [ddahl]

ekr: we should create some psuedo-code examples that better explain when we might want have access to the secret key material

19:42:17 [hhalpin]

... we have examples of how third parties take those keys and abuse them in interesting ways, and we have internally implemented things were session keys are inaccessible

19:42:23 [ekr]

I'm not suggesting that there is *no* benefit to protecting keys ever.

19:42:24 [hhalpin]

... its not a religious standpoint

19:42:31 [hhalpin]

... should have a either-or design

19:42:34 [hhalpin]

q- MitchZ

19:42:37 [hhalpin]

q- ekr

19:42:40 [virginie_galindo]

q+

19:43:11 [hhalpin]

rsleevi: lets look at high level, low level, normal

19:43:22 [hhalpin]

... PCKS11 gives you option, and you see thats common with other API

19:43:42 [rbarnes]

rsleevi: +1 to this approach

19:43:49 [hhalpin]

.. look at the "refer to by handle" but you can export it potentially in Crypto API and Next Gen Crypto API from Microsoft

19:43:53 [hhalpin]

... you have things and consistently refer to them by handles

19:44:02 [ekr]

Where things get really messy is whether the application of a key to a piece of data taints the output of that operation.

19:44:12 [hhalpin]

... but as some of this is implenmtatnion dependent, we can get them

19:44:18 [rbarnes]

q+

19:44:31 [ekr]

So, say I have an RSA key and I do X=RSA_decrypt(K, msg)

19:44:36 [hhalpin]

... but if we go low-level like PKS11 for JS we're going to have a very trickty time

19:44:38 [ekr]

Should I be able to see the output of X?

19:44:43 [hhalpin]

... padding schemes, encrpytion modes,

19:44:46 [ekr]

q+

19:45:02 [kaepora]

kaepora has joined #crypto

19:45:23 [hhalpin]

... we should allow implemention dpeendent

19:46:03 [hhalpin]

... import/export out of key material

19:46:06 [hhalpin]

rbarnes: I'd like more info on use-caes before making decision on use-cases

19:46:07 [ekr]

This becomes especially difficult if some of the operations reveal information about the keys.

19:46:13 [fluffy]

q-

19:46:53 [hhalpin]

Virginie: A need for us to write the use-cases down and transform them into functional requirements

19:46:57 [ekr]

So, for instance, it's generally safe to operate an RSA decryption oracle as long as I'm not allowed to do raw output of PKCS#1 non-compliant data

19:47:03 [kaepora]

kaepora has joined #crypto

19:47:14 [ekr]

but it's *not* necessarily safe to output the results of DH key agreement compuations

19:47:14 [hhalpin]

... the multiple levels approach is a proposal

19:47:18 [kaepora]

Someone mentioned earlier that W3Crypto would be used on Bluray devices – could someone expand on that? Examples?

19:47:18 [fluffy]

I'm having a hard time hearing Virginie

19:47:29 [kaepora]

New idea to me

19:48:04 [ddahl]

kaepora: There is a netflix use case for this... http://www.w3.org/wiki/NetflixWebCryptoUseCase

19:48:55 [virginie_galindo]

to fluffy : hearing of understanding my frenc accent ? ;-)

19:48:58 [kaepora]

*Crickets*

19:49:02 [ddahl]

hhalpin: i will if no one else does

19:49:13 [ekr]

so, I don't generally understand the problem that people think they are trying to solve. I know how I would design a system :)

19:49:18 [rbarnes]

ddahl: i can help

19:49:22 [MitchZ]

i'll volunteer to work with ddahl

19:49:24 [ddahl]

rbarnes++

19:49:33 [ddahl]

MitchZ++

19:49:35 [hhalpin]

ACTION: ddahl amd MtichZ to help collect use-cases around key isolation

19:49:50 [ddahl]

hhalpin: don't forget rbarnes

19:50:02 [hhalpin]

agenda?

19:50:16 [wseltzer]

zakim, drop agendum 2

19:50:16 [Zakim]

agendum 2, "Virtual round table" of delegates, dropped

19:50:30 [wseltzer]

zakim, take up agendum 4

19:50:30 [Zakim]

agendum 4. "Brief presentation of editor's draft API (by editors)" taken up [from wseltzer]

19:50:42 [hhalpin]

s/and MitchZ/ and MitchZ and rbarnes

19:50:54 [hhalpin]

topic: Brief presentation of editor's draft API

19:51:00 [wseltzer]

-> http://www.w3.org/2012/webcrypto/WebCryptoAPI/

19:51:10 [hhalpin]

ddahl: This is just a starting point for conversation on the API

19:51:22 [ddahl]

http://www.w3.org/2012/webcrypto/WebCryptoAPI/

19:51:24 [hhalpin]

... I've expanded on DomCrypt work

19:52:03 [MitchZ]

w.r.t. to ekr's question on the RSA decrypt, i believe that what is described does not work b/c... the initial message from client -> server does not contain any sort of acknowledgement that the exchange has the eventual purpose of key exchange with key hiding

19:52:23 [hhalpin]

... the big change is we've moved to event driven model

19:52:30 [ekr]

sorry, I don't understand your point.

19:52:30 [hhalpin]

... that's the largest change from DomCrypt

19:52:40 [hhalpin]

... I'd like to see if this event-driven model makes more sense

19:52:40 [MitchZ]

DH has the benefit of the SS creation happening under the covers, so it's obvious how this would work w/ DH

19:53:00 [hhalpin]

... no such thing as call-back driven DOM interface as event-driven is cleaner, allows multiple listeners

19:53:06 [hhalpin]

... seems to be "what the web expects"

19:53:10 [MitchZ]

but an RSA "for hidden key exchange" could certainly be possible, but it isn't regular RSA encrypt/decrypt

19:53:15 [ekr]

q+

19:53:20 [kaepora]

q+

19:53:27 [hhalpin]

... as far as key isolation, everything is what I think of as "high-leveL'

19:53:37 [hhalpin]

... what appears to be high-level could be low-layer from a different layer

19:53:40 [virginie_galindo]

q-

19:53:57 [ekr]

Mitch: well, as I said, I'd like to see a threat analysis that explains why it's desirable to hide the RSA output.

19:54:08 [hhalpin]

ddahl: I'm a browser engineer, not a cryptographer

19:54:22 [ekr]

I don't understand how this API works if I have concurrent key generations.

19:54:25 [hhalpin]

... the main other things that have changed is hashing and MAC

19:54:28 [hhalpin]

... other folks want CMAC

19:54:32 [ekr]

how do I distinguish them?

19:54:36 [hhalpin]

... so some other things have came up

19:54:41 [hhalpin]

... this is a starting point

19:54:49 [hhalpin]

... I have tried to add as much example code as possible

19:55:06 [ekr]

can't we use hg?

19:55:16 [ekr]

That's what WebApSec is using.

19:55:51 [ekr]

perhaps the hub of git. :)

19:56:19 [kaepora]

The question I'm planning to ask: will adding DRM a-la-Netflix be worth modifying our spec, or is it not enough of a priority?

19:56:51 [MitchZ]

? Netflix' involvement in this has nothing to do with DRM?

19:57:06 [MitchZ]

So, I'll be curious to hear your question.

19:57:08 [hhalpin]

virginie: we want to address as much as we have

19:57:26 [hhalpin]

... so let's stick to discussion on mailing list rather than raising new version

19:57:29 [ekr]

ddahl: how do you handle concurrent async operations?

19:57:40 [wseltzer]

q?

19:57:42 [hhalpin]

q?

19:57:42 [kaepora]

MitchZ: http://www.w3.org/wiki/NetflixWebCryptoUseCase specifies "DRM license exchanges"

19:57:43 [rbarnes]

q-

19:57:50 [hhalpin]

q- ekr

19:58:05 [kaepora]

q-

19:58:10 [hhalpin]

ddahl: we will try to create constructors

19:58:15 [hhalpin]

ekr: I'm not have callback vs events

19:58:21 [hhalpin]

... but we need to have concurrent operations

19:58:35 [hhalpin]

ddahl: what will happen is that you'll create a constructor and isolate it via constructor

19:58:44 [rsleevi]

ddahl: That was the motivation for the object-based approach discussed on the mailing list - so that different objects may have different callbacks, and for the use via Workers

19:58:53 [rsleevi]

s/callbacks/events/

19:59:07 [MitchZ]

q+

19:59:30 [hhalpin]

kaepora: API to grant license exchange, we would modify the charter

19:59:35 [ddahl]

rsleevi: indeed, that was another thing that Mozilla platform engineers recommended - a synchronous API in parallel that only runs in Workers

19:59:41 [kaepora]

Whew, great news

19:59:47 [hhalpin]

MitchZ: I'll remove the DRM acronym from use-case document now, our protocol has to do with device and user-authentication

19:59:55 [kaepora]

MitchZ: That's wonderful news, thanks.

19:59:58 [hhalpin]

... the DRM question confuses

20:00:02 [PhilipG]

q+

20:00:04 [Zakim]

-??P21

20:00:11 [kaepora]

Yeah, I was a bit frazzled by the mention of DRM ;-)

20:00:13 [MitchZ]

q-

20:00:24 [hhalpin]

PhilipG: I wonder about higher level stuff

20:00:27 [Karen]

q+

20:00:34 [JimmyD0nut]

JimmyD0nut has joined #crypto

20:00:48 [PhilipG]

q-

20:00:49 [hhalpin]

agenda?

20:00:54 [MitchZ]

kaepora: thanks for input on use case doc.

20:01:09 [hhalpin]

topic: secondary use-cases

20:01:11 [ddahl]

hhalpin: i think there might be a question from karen

20:01:12 [kaepora]

MitchZ: Thanks for the reassuring answer, I'd hate this spec to be DRM-oriented.

20:01:35 [MitchZ]

me too :)

20:01:55 [hhalpin]

karen: for the API itself I don't quite understand where is the ciphertext is

20:02:17 [hhalpin]

ddahl: the ciphertext shows inside of the function handler that is run after things are encrypted

20:02:33 [hhalpin]

wtc: a few minor typos

20:02:48 [hhalpin]

karen: keystore of cryptoprovider

20:02:52 [hhalpin]

... is that in-scope?

20:03:30 [rsleevi]

q+

20:03:30 [hhalpin]

browser could provide key operations

20:03:31 [hhalpin]

... but could smartcard?

20:03:36 [hhalpin]

q- Karen

20:04:05 [hhalpin]

rsleevi: looking at different levels of keys, looking at persistent keys on smartcards

20:04:06 [hhalpin]

... some of its contigent on use-cases that come in

20:04:13 [tjr]

Is this meeting capped at ending in 30 minutes, or is expected to run indefinetly?

20:05:13 [JimD]

zakim, JimD is temporarily JimmyD0nut

20:05:13 [Zakim]

sorry, JimD, I do not recognize a party named 'JimD'

20:05:14 [rsleevi]

q-

20:05:36 [timeless]

timeless has joined #crypto

20:06:04 [Zakim]

- +1.403.244.aagg

20:06:08 [timeless]

RRSAgent, draft minutes

20:06:08 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html timeless

20:06:12 [timeless]

Zakim, where is +1403?

20:06:12 [Zakim]

North American dialing code 1.403 is Alberta

20:06:25 [rsleevi]

q+

20:06:35 [wseltzer]

meeting: Web Cryptography Working Group

20:07:01 [Zakim]

- +33.6.13.23.aall

20:07:28 [hhalpin]

wtc: what I have in mind is that the website use very high-level criteria, similar to TLS

20:07:35 [timeless]

RRSAgent, draft minutes

20:07:35 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html timeless

20:07:41 [hhalpin]

... specifying the set of acceptable criteria to find key in right key container

20:07:51 [hhalpin]

q?

20:07:55 [rsleevi]

q-

20:08:16 [hhalpin]

topic: gathering secondary feature use-cases

20:08:23 [kaepora]

q+

20:08:30 [wseltzer]

phone troubles here for virginie and wendy

20:08:44 [kaepora]

I have a pretty elaborate use-case

20:09:10 [rsleevi]

q+

20:09:41 [hhalpin]

nadim: I might want to volunteer for that document if no-one else does

20:09:46 [hhalpin]

... I'd need to be briefed

20:10:04 [hhalpin]

... I have an elaborate use-case for encrypted IM using HTML5

20:10:16 [hhalpin]

... porting to Android to iOS using PhoneGap

20:10:22 [hhalpin]

... it would benefit from such an API

20:10:47 [hhalpin]

... secret key storage would be very useful

20:11:07 [hhalpin]

... the project is already running so we can use it for a testbed

20:11:25 [Zakim]

+ +33.6.13.23.aapp

20:11:47 [Channy]

There is secondary feature use-cases from Korea too. http://www.w3.org/wiki/KoreaWebCryptoUseCase

20:11:55 [JimD]

I'll volunteer to assist nadim with secondary use-cases

20:12:09 [kaepora]

Link to my project (Cryptocat)

20:12:11 [hhalpin]

... move from Stanford Library to W3C library

20:12:13 [kaepora]

https://project.crypto.cat

20:12:22 [kaepora]

https://crypto.cat

20:12:36 [ekr]

rsleevi: do you mean just erasing it on the client or a message to the server?

20:12:43 [hhalpin]

ryan: we really want to fix the TLS session stuff, but as its in charter, that's one we are very interested in Google, could be done independently but could happen here

20:12:52 [hhalpin]

... browsers each do it differenty

20:12:56 [hhalpin]

... we will put together a strawman

20:13:28 [rsleevi]

ekr: API for the client to 'forget' its session ID

20:13:42 [rsleevi]

ekr: invaliding the (client) session ID cache

20:13:46 [ekr]

rsleevi: why doesn't the server do it

20:13:47 [ekr]

?

20:14:00 [hhalpin]

ACTION: JimD and Nadim to start a wikipage to start collecting the use-cases for secondary features

20:14:21 [ekr]

Isn't it kind of a problem to have the session cache hanging around on the server?

20:14:25 [kaepora]

JimD: Please email me so we can get started: nadim@nadim.cc

20:14:29 [hhalpin]

Topic: Test Suite

20:14:40 [hhalpin]

virginie: We will want to address test suite

20:14:53 [christopherkula]

Interested in possibly helping Nadim on secondary use cases

20:14:56 [rsleevi]

ekr: Browser behaviours actively thwart effectively managing it at the server. I can provide more details on the list of previous discussions where this has arrived (eg: the W3C CG for WebID catalogued these pretty well)

20:15:03 [hhalpin]

topic: feedback from public call

20:15:31 [ekr]

I'm not disagreeing with that, but it seems like a security problem to have it exist on the server

20:15:32 [hhalpin]

the definition of use-cases of primary features

20:15:47 [kaepora]

q-

20:15:53 [hhalpin]

topic: Group life

20:16:03 [rsleevi]

ekr: The expressed desire for log out has less to be about security issues, and more about the general usability of SSL client certs within browsers

20:16:12 [ekr]

rsleevi: ah

20:16:22 [hhalpin]

lets have a face-to-face meeting during the summer

20:16:27 [hhalpin]

can't have something earlier than 8 weeks

20:16:29 [kaepora]

That's a great idea

20:16:36 [Zakim]

- +1.510.387.aaii

20:16:37 [hhalpin]

end of july would be earliest

20:16:49 [hhalpin]

we could do near the IETF meeting in Vancounver

20:16:59 [ekr]

what is the proposed time?

20:17:05 [Channy]

@hhalpin I want to join job of secondary feature use-cases

20:17:06 [ekr]

IETF is already *really* long

20:17:18 [rbarnes]

hhalpin: +1 to IETF colo

20:17:41 [wseltzer]

IETF is July 20-Aug 3 in Vancouver

20:17:44 [kaepora]

Vancouver would be cool

20:17:52 [rsleevi]

wseltzer: July 29, you mean, right?

20:17:53 [wseltzer]

s/20/29/

20:18:12 [hhalpin]

https://www.ietf.org/meeting/upcoming.html

20:18:26 [ekr]

q+

20:18:35 [wtc]

wtc has joined #crypto

20:18:37 [tjr]

That overlaps with Black Hat July 23-26

20:18:40 [hhalpin]

ekr: its a problem to schedule stuff right before IETF

20:18:45 [hhalpin]

... I probably already have somethig then

20:18:49 [rbarnes]

q+

20:19:11 [hhalpin]

... if you are trying to capture then, it will increase conflcits rather than decrease

20:19:56 [rbarnes]

q-

20:19:56 [hhalpin]

q- ekr

20:20:05 [hhalpin]

q- rbarnes

20:20:24 [hhalpin]

PROPOSAL: meet at Vancouver last week of July, need to decide by next WG meeting

20:20:28 [Zakim]

+ +1.510.387.aaqq

20:20:32 [JimD]

Next Meeting: IETF 84, July 29-August 3, 2012 (from www.ietf.org)

20:20:34 [hhalpin]

virginie: we will also deifnitely meet at TPAC

20:20:39 [wseltzer]

-> http://www.w3.org/2012/10/TPAC/

20:21:08 [Zakim]

-??P26

20:21:36 [Zakim]

-??P22

20:21:43 [kaepora]

Alright everyone, I must be on my way

20:21:49 [kaepora]

Very much appreciated this meeting

20:21:58 [kaepora]

Will be in touch with JimD regarding our new editing responsibilities

20:21:59 [kaepora]

Thank you

20:22:33 [Karen]

It is better to do it 4 hours earlier.

20:22:41 [JimD]

Yes, Can make it 2 or 4 hours earlier

20:22:45 [PhilipG]

can't do 4 hours earlier

20:22:51 [Karen]

If it is 2hr earlier, it will be midnight in asia

20:23:00 [tjr]

+1 doodle

20:23:12 [Channy]

+1

20:24:08 [hhalpin]

RESOLUTION: Meet next Monday 2 hours earlier

20:24:23 [hhalpin]

ACTION: virginie to send out Doodle with a range of meeting times

20:24:28 [wtc]

How long will the next meeting be? 1 or 1.5 hours?

20:25:03 [hhalpin]

we will try to keep them to 1 hour typically, but they will tend to go over in the beginning of the WG life to 1.5 hours

20:25:19 [hhalpin]

people in general should feel to OK with dropping after the first hour

20:27:22 [hhalpin]

Summary: Two new wikis over primary and secondary use-cases, need decision re Vancounver f2f by next meeting, the test-suite and liason topics need to be visited next meeting, next meeting 2 hours earlier with a Doodle for new meetings

20:27:30 [hhalpin]

virginie: we need better consistency

20:27:43 [hhalpin]

... in following up points on mailing list

20:28:27 [Zakim]

- +1.212.462.aacc

20:28:28 [Zakim]

-??P10

20:28:29 [hhalpin]

Meeting Adjourned

20:28:29 [Zakim]

- +1.978.936.aahh

20:28:30 [Zakim]

- +1.408.540.aaoo

20:28:30 [Zakim]

- +1.650.678.aabb

20:28:31 [Zakim]

- +1.707.799.aadd

20:28:31 [Zakim]

- +1.510.387.aaqq

20:28:33 [Zakim]

- +1.773.939.aaaa

20:28:33 [hhalpin]

RRSAgent, generate minutes

20:28:33 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html hhalpin

20:28:34 [Zakim]

-??P17

20:28:35 [Zakim]

- +1.619.200.aann

20:28:37 [Zakim]

- +33.6.13.23.aapp

20:28:39 [JimD]

JimD has left #crypto

20:28:40 [Zakim]

-[Microsoft]

20:28:41 [PhilipG]

PhilipG has left #crypto

20:28:41 [Zakim]

- +1.650.214.aajj

20:28:44 [Zakim]

- +1.703.284.aaee

20:28:45 [Zakim]

- +1.512.257.aaff

20:28:48 [Zakim]

- +1.978.831.aamm

20:28:50 [Zakim]

-Harry_Halpin

20:28:51 [Zakim]

SEC_WebCryp()3:00PM has ended

20:28:54 [Zakim]

Attendees were +1.773.939.aaaa, +1.650.678.aabb, +1.212.462.aacc, +1.707.799.aadd, +1.703.284.aaee, +1.512.257.aaff, +1.403.244.aagg, +1.978.936.aahh, +1.510.387.aaii, [Microsoft],

20:28:56 [Zakim]

... +1.650.214.aajj, +1.408.540.aakk, Harry_Halpin, +33.6.13.23.aall, +1.978.831.aamm, +1.619.200.aann, +1.408.540.aaoo, +33.6.13.23.aapp, +1.510.387.aaqq

20:29:28 [sdurbha]

sdurbha has left #crypto

20:29:38 [wseltzer]

Meeting: Web Cryptography Working Group

20:29:47 [wseltzer]

rrsagent, generate minutes

20:29:47 [RRSAgent]

I have made the request to generate http://www.w3.org/2012/05/14-crypto-minutes.html wseltzer

20:30:33 [christopherkula]

christopherkula has joined #crypto

20:52:09 [christopherkula]

christopherkula has joined #crypto

20:53:51 [smc]

smc has joined #crypto

20:54:10 [fluffy]

fluffy has left #crypto

21:07:57 [wseltzer]

RRSAgent, where am I?

21:07:57 [RRSAgent]

See http://www.w3.org/2012/05/14-crypto-irc#T21-07-57

22:34:35 [smc]

smc has joined #crypto

22:40:54 [smc]

smc has joined #crypto