[jose] Charter Proposal: "Trusted Code" for the Web

Anders Rundgren <anders.rundgren.net@gmail.com> Thu, 19 March 2015 05:41 UTC

Message-ID: <550A6154.9040907@gmail.com>
Date: Thu, 19 Mar 2015 06:40:36 +0100
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: "jose@ietf.org" <jose@ietf.org>
References: <550909EF.4040505@gmail.com>
In-Reply-To: <550909EF.4040505@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/d-vHbjs7tsv51Raa9ZI0PoGCAW4>
Subject: [jose] Charter Proposal: "Trusted Code" for the Web

Trusted Code for the Web

Existing security-related applications like authentication, payments, etc. are all based on a core part being executed by statically installed software that is supposed to be TRUSTED.

Since web-based applications are transiently downloaded, unsigned and come from any number of more or less unknown sources, such applications are by definition UNTRUSTED.

To compensate for this, web-based security applications currently rely on a hodge-podge of non-standard methods [1] where trusted code resides (and executes) somewhere outside of the actual web application.

However, because each browser vendor has its own idea of what is secure and useful [2], interoperability has proven to be a major hassle. In addition, the ongoing quest for locking down browsers (in order to make them more secure) tends to break applications after browser updates.

Although security applications are interesting, they haven't proved to be a driver. Fortunately, it has turned out that the desired capability ("Trusted Code") is also used by massively popular music streaming services, cloud-based storage systems, on-line gaming sites and open source collaboration networks.

The goal for the proposed effort would be to define a vendor- and device-neutral solution for dealing with trusted code on the Web.


References

[1] A non-exhaustive list includes:
- Custom protocol handlers. Primarily used on Android and iOS. GitHub also uses it on Windows.
- Local web services on 127.0.0.1. Used by lots of services, from Spotify to digital signatures.
- Browser plugins like NPAPI/ActiveX. Used (for example) by millions of people in Korea for PKI support but is now being deprecated.
- Chrome native messaging. Fairly recent solution which enables Native <=> Web communication.

[2] https://code.google.com/p/chromium/issues/detail?id=378566