[whatwg] Proposal for secure key-value data stores

Dirk Pranke dpranke at chromium.org
Mon Aug 16 16:31:26 PDT 2010

On Mon, Aug 16, 2010 at 3:58 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>> Nicholas is almost certainly discussing the case where the service
>> provider requires any data stored on a customer's computer to be
>> encrypted, not the provider's own computers. (e.g., this could be a
>> Yahoo! policy that data stored on Yahoo! users' computers must be
>> encrypted).
>> Hence they cannot enforce anything like "use FileVault".
> If you can't enforce whole disk encryption, but you are concerned that an
> attacker could have access to your machine, it seems that there is no
> solution, since an attacker could just install a rootkit and then carry
> out arbitrary attacks remotely, including simply replacing the browser
> with one that intercepts all the user's data as it is written.

While it is true that it would not defend against all attacks, it will
still defend against some classes of attacks (e.g. casual snooping),
and may still be valuable.

-- Dirk

> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>> Perhaps we should instead focus on a set of JS Crypto APIs, since that
>> is largely orthogonal to the storage APIs?
> That would make more sense, I think. It would be useful in other scenarios
> too (such as replacing <keygen>). I would encourage people interested in
> such an approach to get vendors together and write a spec.
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
