Re: Fwd: Time to dump NSS
On 2014-10-24 00:25, Daniel Veditz wrote: Forwarding to dev-tech-crypto where this is more on-topic. Dan, This is not really a cryptographic problem, it rather an platform architecture and strategy issue. This single-page presentation shows another part of the puzzle which clearly is outside of NSS: http://webpki.org/papers/key-access.pdf Regards, Anders Rundgren -Dan Veditz -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Fwd: Time to dump NSS
On 2014-10-24 07:11, Daniel Veditz wrote: Your subject, time to dump NSS, intimately affects NSS developers who will have to worry about replacing all the things NSS does for us before they can even start to think about the additional concepts. I fully understand that. If you're proposing a mechanism that can live on the side without actually dumping NSS then I suppose we can discuss it elsewhere, According to Paul T Mozilla have such discussions but they are not public (HW-vendors like to plot in secrecy) so it is not obvious how to go forward. I would consider a task-force. The idea is creating a new secure core based on a TEE like Apple and Google have. The new core would indeed have to support legacy APIs like NSS. but if it involves cryptography (how could it not?) then the tech.crypto group is the one the people who know about cryptography participate in. It would be a combination of crypto and OS architecture, perhaps like: http://webpki.org/papers/SKS-KeyGen2_FullStack.pdf There are several (sometimes competing) efforts within the W3 and IETF to create standards around concepts like key management. We're unlikely to implement a solution that doesn't get buy-in from other browser and server makers in that kind of forum. So far nobody has done anything even close to what I'm proposing. Well, Apple may have but they didn't take it to standardization yet. I believe that's very wise, complex stuff must mature in the real world first. I don't think an SDO can take on a project of this kind. SDOs only deal with partial solutions which is why we during the 20 years with credit-card payments on the web haven't moved one inch forward to make them Secure AND Convenient. Anyway, you wouldn't necessarily have to start from zero in case Mozilla feels that the groundwork me and my colleges have done could be useful. Regards, Anders Rundgren -Dan Veditz -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Fwd: Time to dump NSS
Forwarding to dev-tech-crypto where this is more on-topic. -Dan Veditz ---BeginMessage--- NSS was designed when physically distributed smart cards were anticipated to become the norm. This didn't really happen but instead we got mobile devices with support for TEEs (Trusted Execution Environments): http://webpki.org/papers/SKS-KeyGen2_FullStack.pdf NSS cannot deal with provisioning of TEEs because it doesn't support provisioning of keys in an E2ES (End-To-End-Security) fashion. This is hardly surprising since keygen was designed 1995. In addition we need entirely new key access protection models: http://webpki.org/papers/key-access.pdf With a new key-system you could do things like: https://mobilepki.org/WebCryptoPlusPlus There's much more to this but I wanted to hear what Mozilla are thinking regarding key-storage. I'm prepared to help making this upgrade possible! Cheers, Anders Rundgren ___ dev-security mailing list dev-secur...@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security ---End Message--- -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Fwd: Time to dump NSS
Your subject, time to dump NSS, intimately affects NSS developers who will have to worry about replacing all the things NSS does for us before they can even start to think about the additional concepts. If you're proposing a mechanism that can live on the side without actually dumping NSS then I suppose we can discuss it elsewhere, but if it involves cryptography (how could it not?) then the tech.crypto group is the one the people who know about cryptography participate in. There are several (sometimes competing) efforts within the W3 and IETF to create standards around concepts like key management. We're unlikely to implement a solution that doesn't get buy-in from other browser and server makers in that kind of forum. -Dan Veditz -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto