ISSUE-33: Clarify text in section 5.1 with respect to how key tainting is handled with multi-origin scenario

Clarify key tainting

Clarify text in section 5.1 with respect to how key tainting is handled with multi-origin scenario

State:
CLOSED
Product:
Web Cryptography API
Raised by:
Asad Ali
Opened on:
2012-08-28
Description:

> Section 5.1, security considerations:
>
> This section has the following text in the third paragraph,
>
> “Such mitigations may include restricting a generic key ("tainting")
> once it has been used with a specific algorithm or operation, and only
> permit applications to use that key with that same algorithm or
> operation in the future.”
>
> This mitigation suggestion is misleading. The reader may understand
> that the tainting could be made by the user agent. If it were the
> case, it would introduce fragmentation in application behavior. The
> tainting should be under the control of the application itself and
> should not fall in the scope of user agent initiative.

comments from Ryan:

It's not misleading. That was the intent. The user agent SHOULD handle tainting.

This is especially critical if multi-origin access is to be permitted, since there is no way for multiple origins to agree upon the acceptable usage of a shared key - and worse, if they could, it may offer a side-channel for communication that undermines the browser privacy/security model.

If this justification isn't enough, we should open an ISSUE on it, but I think this one is important, and perhaps normatively so. If it's controversial, we can remove it, but I think any hope of multi-origin access MUST have this.

Further, the only reliable place to store this tainting information is within the key attributes, assuming we implement them. Because keys may live longer than other storage mechanisms (eg: IndexedDB, Web Storage), the only way to reliably store tainting information is with the key. Thus, is it reasonable to expect every other application to do this same thing?

Note that the concept of tainting is not unique to this proposal, and other proposals (notably, anything related to CORS) already requires user agents implement such mechanisms, although doing so regarding origins.

It does sound like an ISSUE needs to be open about this.
Related Actions Items:
No related actions
Related emails:
  1. [minutes] Re: W3C Web Crypto WG - monday 4th of march (from wseltzer@w3.org on 2013-03-04)
  2. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from rbarnes@bbn.com on 2013-03-04)
  3. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from watsonm@netflix.com on 2013-03-04)
  4. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  5. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  6. RE: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from Virginie.GALINDO@gemalto.com on 2013-03-04)
  7. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  8. W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from Virginie.GALINDO@gemalto.com on 2013-03-04)
  9. Re: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from watsonm@netflix.com on 2013-02-04)
  10. RE: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from Asad.Ali@gemalto.com on 2013-02-04)
  11. Re: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from S.Durbha@cablelabs.com on 2013-02-04)
  12. W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from Virginie.GALINDO@gemalto.com on 2013-02-04)
  13. PROPOSAL: Close ISSUE-33 - Clarify text in section 5.1 with respect to how key tainting is handled with multi-origin scenario (from sleevi@google.com on 2013-01-31)
  14. crypto-ISSUE-33 (Clarify key tainting): Clarify text in section 5.1 with respect to how key tainting is handled with multi-origin scenario [Web Cryptography API] (from sysbot+tracker@w3.org on 2012-08-28)

Related notes:

as decided during our call on the 3th of March, issue is closed.
http://www.w3.org/2013/03/04-crypto-minutes.html

Virginie GALINDO, 4 Apr 2013, 09:26:52

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 33.html,v 1.1 2017/02/13 16:16:51 ted Exp $