[liberationtech] WebCrypto API last call
elijah
elijah at riseup.net
Wed May 14 22:26:22 PDT 2014
As a reminder, W3C WebCrypto API [1] is currently in "Last Call Working
Draft". Speak now or forever hold your peace, as they say. This is going
to be in the browsers sooner than you think.
There is a lot to like, and a lot to dislike. Some things to dislike:
(1) rejection of Curve 25519 as part of the standard.
(2) "extractable" key insanity
What is an extractable key? If a private key has the extractable flag
set [2], then the javascript application will have access to the raw key
material, presumably to send it to the server and back it up on the
user's behalf. How convenient. Unless the user has control over whether
this can be enabled or disabled, extractable keys are basically a giant
backdoor that reduces the security of WebCrypto's key management to
nothing much better than what we have now (trust the origin for everything).
If you have comments, follow the directions on [1].
-elijah
[1] http://www.w3.org/TR/WebCryptoAPI/
[2] http://www.w3.org/TR/WebCryptoAPI/#dfn-Key-extractable
More information about the liberationtech
mailing list