IETF Logo Mail Archive

Re: [http-auth] [saag] re-call for IETF http-auth BoF

Nico Williams <nico@cryptonector.com> Tue, 07 June 2011 01:33 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5D4E11E8096 for <http-auth@ietfa.amsl.com>; Mon, 6 Jun 2011 18:33:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Nc8oJJiDhY3 for <http-auth@ietfa.amsl.com>; Mon, 6 Jun 2011 18:33:37 -0700 (PDT)
Received: from homiemail-a29.g.dreamhost.com (mailbigip.dreamhost.com [208.97.132.5]) by ietfa.amsl.com (Postfix) with ESMTP id 48FFD11E8090 for <http-auth@ietf.org>; Mon, 6 Jun 2011 18:33:37 -0700 (PDT)
Received: from homiemail-a29.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTP id E036E674070 for <http-auth@ietf.org>; Mon, 6 Jun 2011 18:33:36 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :in-reply-to:references:date:message-id:subject:from:to:cc :content-type:content-transfer-encoding; q=dns; s= cryptonector.com; b=Vk2ArZ9KWY0ErYrnU+RovvXTKJyn/Tdipwg4W6/2lbEp TVbSJCYPc7gbjyATnP7ygNXQXo6+7O1c0Yj9AvKvXpRvxnWyUBWuBucpigF1QVKi 0z4SyIypmdTKzIVglCIge/Gy1Mbo4FdkgnBox4+QQa2vQHaPgSHgpGSigzvX4/8=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type:content-transfer-encoding; s= cryptonector.com; bh=CNmv5n+ONoQO/1Om7dO1XZR2nO4=; b=yAmsdKE9Xg+ JojfRzXclhL6vNEwxdtnfuHMLQt78r0941u8scy8mvJeplL23GfTgibJtqYJ5Dzx VIs1IOVvKhqdSE/Onqt2I++vxBlP+jy2+nLhtxjG6fdlM34zphyMACa5BuFW7PXZ 5bUXptrt5EgROf1n45K/U0jgSU0TkAks=
Received: from mail-px0-f182.google.com (mail-px0-f182.google.com [209.85.212.182]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTPSA id CF0F9674060 for <http-auth@ietf.org>; Mon, 6 Jun 2011 18:33:36 -0700 (PDT)
Received: by pxi20 with SMTP id 20so3651402pxi.27 for <http-auth@ietf.org>; Mon, 06 Jun 2011 18:33:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.14.103 with SMTP id o7mr26398pbc.523.1307410416396; Mon, 06 Jun 2011 18:33:36 -0700 (PDT)
Received: by 10.68.50.39 with HTTP; Mon, 6 Jun 2011 18:33:36 -0700 (PDT)
In-Reply-To: <4DED6EC9.4040300@cs.tcd.ie>
References: <878vtgfbs1.fsf@bluewind.rcis.aist.go.jp> <A89D85D0-00AB-4F21-8841-6707E9CDCFC4@gmx.net> <BANLkTind5rg-tOZJ+B2ocD_s=9_-rufH5Q@mail.gmail.com> <4DED55C5.1010306@extendedsubset.com> <4DED6EC9.4040300@cs.tcd.ie>
Date: Mon, 06 Jun 2011 20:33:36 -0500
Message-ID: <BANLkTi=_TkpA_09coN+wj-_R+QYhFTbjvA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: http-auth@ietf.org
Subject: Re: [http-auth] [saag] re-call for IETF http-auth BoF
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2011 01:33:37 -0000

On Mon, Jun 6, 2011 at 7:20 PM, Stephen Farrell
<stephen.farrell@cs.tcd.ie> wrote:
> On 06/06/11 23:33, Marsh Ray wrote:
>> On 06/06/2011 04:44 PM, Nico Williams wrote:
>>>  But I'm afraid
>>> that the appearance of success will be enough to staunch progress in
>>> any other areas, so it may be a now-or-never situation for any
>>> alternatives other than JavaScript crypto APIs.
>>
>> Don't worry about it, they're not going to work even that well.
>
> Just trying to understand this. Why won't what work well?
> (Compared to Tom, Dick and Harry each doing the same thing
> in their own favourite way?)

People are already using JavaScript crypto algorithm implementations.
A crypto library implemented by the browsers themselves will at least
get the crypto algorithms right and perform better.  On the other
hand, a JS crypto API cannot prevent misuse of cryptographic
algorithms, nor can it do about the fact that it will be used from
untrusted scripts.  Regarding that last point, suppose a JS crypto API
included a PKCS#11-like interface to access a "token" (a smartcard,
effectively, either in the browser chrome, or an actual, hardware
smartcard)...  with such a thing one could prevent untrusted scripts
from reading secret keys, but not from _using_ them because the
browser will not have enough context to explain what's happening to
the user, nor will the user be able to decide for themselves whether
they should or should not allow a given script to use a given key.

But a JS crypto API can be delivered relatively quickly, and thus it
will seem like an accomplishment.  It might be a while before
consensus develops that indeed, a JS crypto API wasn't much of a
solution.

> Seriously - I think it'll be useful to know/document the
> limitations of this approach of developing a standard
> JS crypto API.

See above.

I said as much at the W3C workshop two weeks ago.  The minutes, last I
looked, record the fact that there was consensus for adding such APIs,
not that there was loud grumbling about their dangers.

Nico
--

v2.23.0 | Report a Bug | By Email