Re: [KEYPROV] CMS Usage in a Browser Environment

Hannes Tschofenig <hannes.tschofenig@gmx.net> Wed, 19 January 2011 12:07 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: keyprov@core3.amsl.com
Delivered-To: keyprov@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 644673A6FB9 for <keyprov@core3.amsl.com>; Wed, 19 Jan 2011 04:07:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.554
X-Spam-Level:
X-Spam-Status: No, score=-102.554 tagged_above=-999 required=5 tests=[AWL=0.045, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sDsRzeAi2h5i for <keyprov@core3.amsl.com>; Wed, 19 Jan 2011 04:06:59 -0800 (PST)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.22]) by core3.amsl.com (Postfix) with SMTP id 8C11D3A6FB4 for <keyprov@ietf.org>; Wed, 19 Jan 2011 04:06:52 -0800 (PST)
Received: (qmail invoked by alias); 19 Jan 2011 12:09:31 -0000
Received: from unknown (EHLO [10.255.139.127]) [192.100.123.77] by mail.gmx.net (mp036) with SMTP; 19 Jan 2011 13:09:31 +0100
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/hBoxz1rbhwlwzD5ZpSy/nvG9kUG5tJYcTOLQ8ip brAgEXv++3jdHw
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <4D36CFD3.8030403@telia.com>
Date: Wed, 19 Jan 2011 14:09:28 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <92785801-D43A-4BD9-B933-EDD32A1A39A0@gmx.net>
References: <3E2A0ABE-05DA-4641-A8A8-BDE967A1D2D9@gmx.net> <4D36CFD3.8030403@telia.com>
To: Anders Rundgren <anders.rundgren@telia.com>
X-Mailer: Apple Mail (2.1082)
X-Y-GMX-Trusted: 0
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>, KEYPROV <keyprov@ietf.org>
Subject: Re: [KEYPROV] CMS Usage in a Browser Environment
X-BeenThere: keyprov@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-Post: <mailto:keyprov@ietf.org>
List-Help: <mailto:keyprov-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jan 2011 12:07:00 -0000

Hi Anders, 

yes, I vaguely recall that discussion. The issue you raise does not necessarily relate to the cryptographic functionality of CMS but rather the ability to access a key store from JavaScript. This would be largely independent of the actual approach for signing. Right?

While your point is indeed valid, the question I have is more along the lines of implementing the cryptographic mechanisms in JavaScript in the browser and whether someone had tried to implement CMS there.

Ciao
Hannes

On Jan 19, 2011, at 1:49 PM, Anders Rundgren wrote:

> Hannes Tschofenig wrote:
>> Hi all, I am wondering whether someone has gotten some experience with CMS usage in
>> a browser based environment for signing JSON tokens (or other content).
> 
> Hi Hannes,
> 
> I believe almost every browser is running on a cryptographic platform that
> supports CMS.  However, they don't expose this functionality because that
> would be a security problem unless there is a GUI involved where the user
> allows the browser to sign an object, including saying which key to use.
> 
> This is essentially what I've been ranting about for years:
> you don't get anywhere unless you start programming browsers or know
> somebody who does.
> 
> What the GUI should contain depends on the underlying application.
> In WASP (http://webpki.org/papers/wasp/wasp-tutorial.pdf) it is about
> signing a document (request), while in KeyGen2 (http://webpki.org/auth-token-4-the-cloud.html)
> it is about allowing an issuer to create keys.
> 
> I have FWIW downloaded Firefox 4 beta code and have managed to compile
> it at least.  Since this isn't my day-job I guess the rest will be slow.
> If there is somebody out there who is interested in making browsers more
> capable, just drop me a line :-)
> 
> Cheers,
> Anders
> 
>> Ciao
>> Hannes
>> PS: I am working with others on a BOF about JSON cryptographic procedures:
>> http://trac.tools.ietf.org/bof/trac/wiki/WikiStart
>> _______________________________________________
>> KEYPROV mailing list
>> KEYPROV@ietf.org
>> https://www.ietf.org/mailman/listinfo/keyprov