21880 – Certificate management is underspecified

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 21880 - Certificate management is underspecified

Summary: Certificate management is underspecified

Status:	RESOLVED LATER

Alias:	None

Product:	WebRTC Working Group
Classification:	Unclassified
Component:	WebRTC API (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P2 normal
Target Milestone:	---
Assignee:	Martin Thomson
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2013-04-30 18:14 UTC by Martin Thomson
Modified:	2014-12-15 10:39 UTC (History)
CC List:	3 users (show)

See Also:

Attachments

Description Martin Thomson 2013-04-30 18:14:58 UTC

The current specification is silent on how peer certificates are managed.

Current implementations appear to mint a new certificate for every new connection. This is good from a privacy perspective because it ensures that no two sessions can be linked based solely on certificate contents. Of course that assumes that the certificate doesn't contain a DN that contains linkable information.

Volatile certificates create a minor performance issue (certificate generation is fast, but it's not that fast) and a major traceability issue. If there is no stability in certificates, then you lose the ability to audit sessions. It's not possible to determine if the peer you were talking to is really the person you expected - they are probably unable to produce the certificate that they used during the session because the certificate has since been destroyed.

This leads to a need for some degree of persistence, with certain constraints:
1. Certificates cannot be the same across different origins, i.e., your identity must be unlinkable across origins.
2. It must be possible to use a different certificate when talking to different people on the same site, i.e., your identity must be unlinkable across peers.
3. Certificates need to be destroyed when cookies are destroyed, i.e., you must be able to control linkability over time.

Requirement 2 is the most interesting case because this implies that there needs to be some interaction with the application to achieve this, not just the browser. Only the application has any hope of having prior knowledge of identity such that this would be possible.

Note: A DTLS peer acting in the server role presents their certificate without any prior knowledge of the identity of the peer, and a client presents their certificate without actually verifying the server identity.

This implies that there needs to be some control surface to allow applications to control certificate options. This needs to be separate to the existing peer identity constraints because these privacy protections are needed in the absence of identity assertions. In fact, anonymity cases are where these are most needed.

Comment 1 Harald Alvestrand 2014-10-31 16:29:04 UTC

Proposal made at TPAC 2014.

Comment 2 Martin Thomson 2014-11-05 00:15:56 UTC

https://github.com/w3c/webrtc-pc/pull/28

Comment 3 Dominique Hazael-Massieux 2014-12-15 10:39:43 UTC

WebRTC API bugs have been moved to github issues: https://github.com/w3c/webrtc-pc/issues

Please subscribe to the issues you want to keep watching.