You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Implementations may execute cryptographic operations in the client, potentially exposing a user’s private key to JavaScript, which makes keys vulnerable to exfiltration.
If “in the client” here means in webpage code, this is true. But since this is an extension to Web Crypto, which has non-extractable keys, it should explain why those are insufficient. It seems like key issues from our POV (besides security implementation details) are inability to access a non-extractable keys stored in e.g. IndexedDB from another device; or from a native apps on the same device. The problem statement should say that.
The text was updated successfully, but these errors were encountered:
It's also, to my knowledge, impossible to store non-extractable Web Crypto keys in a truly persistent way, such as you would want for a long-term identity key. Is that part of the motivation for this proposal, too?
That's correct @othermaciej , by "in the client" we mean in webpage code.
We agree the explainer can be clearer on why the existing CryptoKey properties don't cover our use case. Basically, we can’t rely on the extractable: false property because these keys must satisfy 2 other properties:
they’re long lived, meaning they aren’t destroyed when a browser’s memory is cleared
they’re usable by other browsers and other applications (eg a decryption key used in Safari, Chrome, Mail.app, and Gmail.app).
If “in the client” here means in webpage code, this is true. But since this is an extension to Web Crypto, which has non-extractable keys, it should explain why those are insufficient. It seems like key issues from our POV (besides security implementation details) are inability to access a non-extractable keys stored in e.g. IndexedDB from another device; or from a native apps on the same device. The problem statement should say that.
The text was updated successfully, but these errors were encountered: