07:01:05 RRSAgent has joined #hb-secure-services
07:01:05 logging to http://www.w3.org/2016/04/27-hb-secure-services-irc
07:01:10 Zakim has joined #hb-secure-services
07:01:27 Meeting: Hardware-Based Secure Services CG, F2F Day 2
07:01:50 Agenda: https://github.com/w3c/websec/wiki/hb-secure-services-workshop-:-agenda
07:02:06 wseltzer has changed the topic to: Hardware-Based Secure Services Agenda: https://github.com/w3c/websec/wiki/hb-secure-services-workshop-:-agenda
07:58:46 klas has joined #hb-secure-services
07:59:20 brian has joined #hb-secure-services
08:00:26 rigo has joined #hb-secure-services
08:01:49 virginie has joined #hb-secure-services
08:02:15 donfel01 has joined #hb-secure-services
08:02:15 PaulW has joined #hb-secure-services
08:04:49 acouvert has joined #hb-secure-services
08:04:58 => presentation round
08:05:01 Sebastien has joined #hb-secure-services
08:05:05 jpyle has joined #hb-secure-services
08:05:24 All notes and findings from yesterday are here : https://v.etherpad.org/p/Hardware_Security
08:05:26 drogersuk has joined #hb-secure-services
08:06:33 The live minutes of yesterday are available here : https://www.w3.org/2016/04/26-hb-secure-services-minutes.html
08:07:15 agenda is here : https://github.com/w3c/websec/wiki/hb-secure-services-workshop-:-agenda
08:08:18 colin has joined #hb-secure-services
08:09:21 Wendy summarises the main points from the 26th
08:12:09 A goal for today is to keep going with the work from yesterday and confirm that the use cases and features in etherpad are what we want to do
08:12:20 ...outlining what these APIs may look like?
08:12:34 ...how do we build that into the web, what are some of the functions?
08:12:42 ...privacy and security considerations
08:12:49 ...importance of accessibility
08:13:05 ...what other dependencies and interactions we have
08:18:27 David : we will have champions for each use case
08:18:41 Sébastien contributed some pieces on use cases
08:18:46 Rob has joined #hb-secure-services
08:20:05 jplyle has joined #hb-secure-services
08:21:49 Don : where is that executed ?
08:22:27 Sebastien : it's a javascript, so in the browser, and it will be up to the browser to execute it depending on its implementation
08:22:57 Don : the use case I have in mind is the remote entity requesting to sign something, we may pass the data in clear.
08:23:32 Paul : there is some effort to do to convince that we can do that, and can we provide the API
08:23:58 Paul : when you sign, you might need to give some ocntextual information to the user.
08:24:16 Paul : explaining all the possible WYSWYS
08:24:52 s/ocntextual /contextual
08:26:12 sebastien : the context and message are going together seems to be a proposal
08:27:11 Peter: Germany digital signature law had certified display component
08:27:33 ... can we get there in the browser? or how close?
08:29:30 rrsagent, make logs public
08:33:13 phofmanntsy has joined #hb-secure-services
08:54:17 zakim, what color is the bikeshed?
08:54:17 I think Magenta haze
09:01:55 KMS = Key management selection
09:17:47 hvirji has joined #hb-secure-services
09:29:56 flipchart image: https://github.com/w3c/websec/blob/gh-pages/transaction_confirmation.jpg
09:43:11 Rob has joined #hb-secure-services
09:52:28 The WSD of the transaction confirmation / non repudiation use case: https://www.websequencediagrams.com/?lz=dGl0bGUgVHJhbnNhY3Rpb24gY29uZmlybWF0aW9uCgpwYXJ0aWNpcGFudCBFbmQtdXNlciBhcyBFVQAODVNlcnZpY2UgUHJvdmlkAB0GU1AAMQ1Ccm93ADYHQlIASw1UcnVzdGVkICBVSSAoVEUsIE9TIG9yIE1XKSBhcyBUVUkAXA9jdXJlIFN0b3JhZ2UAdQVlciAoZVNFLCBTSU0sIE5GQy9CTEUgU0UgLi4uAD8FU0NTCgpFVS0-U1A6IFJlcXVlc3Qgc2Vuc2l0aXZlIG9wZXIAgWoGU1AtPkJSOiBEZWxpdmVyIHRoZSBIVE1ML0pTIHBhZ2UKQlI[CUT]
09:53:52 Sorry: the good one: https://www.websequencediagrams.com/?lz=dGl0bGUgVHJhbnNhY3Rpb24gY29uZmlybWF0aW9uCgpwYXJ0aWNpcGFudCBFbmQtdXNlciBhcyBFVQAODVNlcnZpY2UgUHJvdmlkAB0GU1AAMQ1Ccm93ADYHQlIASw1UcnVzdGVkICBVSSAoVEUsIE9TIG9yIE1XKSBhcyBUVUkAXA9jdXJlIFN0b3JhZ2UAdQVlciAoZVNFLCBTSU0sIE5GQy9CTEUgU0UgLi4uAD8FU0NTCgpFVS0-U1A6IFJlcXVlc3Qgc2Vuc2l0aXZlIG9wZXIAgWoGU1AtPkJSOiBEZWxpdmVyIHRoZSBIVE1ML0pTIHBhZ2UKQlIAGwZKUyBjb21wdXQAgiEHYWx0IE5STSBvbmx5IChub24gcm[CUT]
09:58:57 URL is shortened by the IRC => complete link on etherpad
10:11:45 zakim, generate minutes
10:11:45 I don't understand 'generate minutes', virginie
10:12:31 rrsagent, draft minutes
10:12:31 I have made the request to generate http://www.w3.org/2016/04/27-hb-secure-services-minutes.html virginie
10:17:32 ahana has joined #hb-secure-services
10:17:45 PaulW has joined #hb-secure-services
10:18:38 Hi all, been detained by the lurgy so joining late on IRC. Ahana Datta, Security Engineer at the Ministry of Justice
10:19:56 Don: describing the GP TEE, TUI
10:20:14 ... high-level user authentication for trusted application
10:20:22 ... signed and authorized to run in TEE
10:20:30 ... can display PNG image (with restrictions)
10:20:43 ... overlaid with plain text
10:21:07 ... give it a text string and it overlays
10:21:21 ... Displaying confidential information; no input other than 4 buttons
10:21:26 ... ok, cancel, next, prev
10:21:37 ... you can change the buttons
10:21:45 ... everything else is under control of TEE
10:21:51 ... trusted app doesn't get to change it
10:22:08 Specification can be found under Trusted User Interface API Specification v1.0 | GPD_SPE_020 http://www.globalplatform.org/specificationsdevice.asp
10:22:09 ... 2d mode of operation is the same as the first, but adds entry field
10:22:17 ... expected for PIN entry
10:22:26 ... field can be displayed or not (*s)
10:22:38 ... 3d mode, same with 2 entry fields, e.g. username pwd
10:22:56 ... message boxes under control of TEE as to format
10:23:02 ... calling app just gets to insert text
10:23:20 ... Next version: TEE can report back whether biometric was provided by user
10:23:47 ... return handle which trusted app can use to determine which biometric, i.e., recognizing handle
10:24:00 ahana, can I have your email to complete the list of attendees?
10:24:28 ahana.datta@digital.justice.gov.uk
10:24:50 ... currently, pretty simple display, user feedback
10:25:12 Don: There wasn't a lot of pull for that work
10:25:24 ... SPs were using different interface, more like framebuffer
10:25:43 ... framebuffer, you have this size screen, you can write to it to display to user
10:25:58 ... then using event-driven interface to report, e.g., finger pressed
10:26:21 ... GP is now standardizing low-level interface, framebuffer, input event-driven
10:26:41 ... If you wanted to put this [previously discussed] app into the TEE
10:26:52 ... you'd make it a TA
10:27:01 ... get a UUID
10:28:12 poor moj
10:29:03 ... GP will provide APIs; allow adding of APIs that don't break the protection model
10:29:46 ... this group could define UUID if it met GP rules
10:34:15 Brian: bridging the gap between the JavaScript and GP
10:38:03 wseltzer: Next, we need to test the plausibility with service providers (the "customers" of the API) and implementors
10:38:41 virginie: Sebastien, are you willing to edit?
10:38:44 Sebastien: yes
10:39:20 ... I invite co-editors
10:39:58 wseltzer: do we have volunteers to talk with service providers?
10:40:02 virginie: Gemalto will
10:41:05 brian: If I can get internal agreement at Visa
10:43:41 wseltzer: I'll add some of the questions we want to ask
10:43:58 ... and let's get a 1-2 pager for circulation with people who aren't in the room
10:44:48 Topic: Secure Credential Storage and Management
10:47:23 RRSAgent, please draft minutes
10:47:23 I have made the request to generate http://www.w3.org/2016/04/27-hb-secure-services-minutes.html rigo
10:48:13 Note that web crypto API is here : https://www.w3.org/TR/WebCryptoAPI/
10:48:28 That API may open the dependency paragraph
10:48:57 Atamli has joined #hb-secure-services
10:49:05 rigo : possession and knowledge can be different from an external secure chip and embedded secure chip
10:49:41 Rigo: identity
10:49:44 ahana, we are working on https://v.etherpad.org/p/Hardware_Security
10:50:07 cheers
10:51:06 Rigo : recommends that we stay open enough to be compatible with identity scheme that are not X509 complaint
10:51:27 s/complaint/compliant
11:00:58 Don: GP has been avoiding X.509
11:01:08 ... public review starting on management framework
11:01:18 ... not using any standard certificate structure
11:01:22 ... a bit of ASN.1
11:02:35 Paul: if you're storing public-private keypairs with a handle, maybe you don't care about certificate formats
11:03:07 Don: you could use GP standards for provisioning data and keys for SE and TEE
11:04:13 Don: SE uses methodology, TEE, OS, browser, each use methodology
11:04:55 At MoJ, we've begun to use Amazon's KMS for key management and IAM for access
11:04:56 https://d0.awsstatic.com/whitepapers/KMS-Cryptographic-Details.pdf
11:08:28 s/GP has been avoiding X.509/GP TEE has been avoiding X.509/
11:12:09 [again, most note-taking is at the bottom of the etherpad, https://v.etherpad.org/p/Hardware_Security ]
11:16:10 Rigo : expose a case where a key is enriched with metadata such as domains authorized to use it
11:16:33 Rigo : the metadata can be updated later
11:29:10 brian has joined #hb-secure-services
11:32:09 virginie: Revocation?
11:32:43 ... both revoking access to a credential, and invalidating the credential
12:19:32 klas has joined #hb-secure-services
12:21:22 virginie has joined #hb-secure-services