Re: Privacy Interest Group to review Web Crypto API - a draft

Hi Harry,

My sense is that it may be premature, at this time, to engage the PING
- or at least, that we should set the expectation that a 'real' review
will be necessary.

We still have a number of items to burn down on our list, and some of
them directly touch on privacy sensitive areas, such as the use of
unique IDs, or the user interaction behaviours for key generation or
importation. My sense of feedback as well is that some members,
whether directly or indirectly, do not want to adhere to same-origin
policies, whether through granting a key to other origins ( ISSUE-26
), or how origin-authorized keys and attributes behave in the presence
of multiple origins.

I would suggest that we wait until after TPAC before we begin engaging
in reviews that will require careful and thorough analysis, and
instead focus on engaging the broader community and soliciting
feedback on the many, many unresolved issues that still exist.

That's not to say anyone who is interested shouldn't review it, but I
think we should just be setting expectations that this is still very
much a draft, despite it's publication as FPWD, and many important
features and functionality are still under-specified.

Cheers,
Ryan

On Thu, Sep 20, 2012 at 7:25 AM, Harry Halpin <hhalpin@w3.org> wrote:
> The W3C PING (Privacy Interest Working Group) was hoping to review the
> WebCrypto API, and I just wrote this off the top of my head. Does this sound
> about right as a sort of few issues for them to look at?
>
> ---------
>
> The WebCrypto API has a number of privacy-related functionality that should
> be reviewed by the W3C PING IG [1].
>
> Off the top of my head, one can also do possible finger-printing of browser
> types in the current spec by running through the operations allowed by the
> API in a given browser/JS environment, but that would likely only manage to
> figure out what browser (and possibly device, if the API wires into device
> or OS-specific crypto) the user is running by indirectly by seeing what
> crypto algorithms are supported. Another more important potential red-flag
> is the ability to import/export keys. Although we do currently obey basic
> constraints like same-origin policy, one can imagine keys being created to
> identify browsers in the same manner of cookies. There is also the
> possibility of using pre-provisioned keys and keys previously generated and
> imported.
>
>  As for more possible future features with an impact on privacy, see the
> charter [2]. In particular secondary features:
>
> "Secondary API Features that may be in scope are: control of TLS session
> login/logout, derivation of keys from TLS sessions, a simplified data
> protection function, multiple key containers, key import/export, a common
> method for accessing and defining properties of keys, and the lifecycle
> control of credentials such enrollment, selection, and revocation of
> credentials with a focus enabling the selection of certificates for signing
> and encryption."
>
> So I imagine simplified data protection, interactions with multiple key
> containers (including those of the API), digital signatures, and certificate
> support would all have privacy implications re fingerprinting. Yet is not
> that necessary to achieve some of the security properties needed for some
> applications? And the larger philosophical question would be is that should
> we 1) prevent applications from being built due to privacy concerns by not
> creating such functions
>
> We'd love a written commentary on privacy to
> public-webcrypto-comments@w3.org and hopefully we can do a telecon with you
> at one of your future meetings.
>
> [1]http://www.w3.org/TR/WebCryptoAPI/
> [2]http://www.w3.org/2011/11/webcryptography-charter.html
>
>    cheers,
>       harry

Received on Thursday, 20 September 2012 17:33:37 UTC