[whatwg] Proposal for secure key-value data stores

Dirk Pranke dpranke at chromium.org
Mon Aug 16 16:31:26 PDT 2010


On Mon, Aug 16, 2010 at 3:58 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Nicholas is almost certainly discussing the case where the service
>> provider requires any data stored on a customer's computer to be
>> encrypted, not the provider's own computers. (e.g., this could be a
>> Yahoo! policy that data stored on Yahoo! users' computers must be
>> encrypted).
>>
>> Hence they cannot enforce anything like "use FileVault".
>
> If you can't enforce whole disk encryption, but you are concerned that an
> attacker could have access to your machine, it seems that there is no
> solution, since an attacker could just install a rootkit and then carry
> out arbitrary attacks remotely, including simply replacing the browser
> with one that intercepts all the user's data as it is written.
>

While it is true that it would not defend against all attacks, it would
still defend against some classes of attacks (e.g. casual snooping),
and may still be valuable.

-- Dirk

>
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Perhaps we should instead focus on a set of JS Crypto APIs, since that
>> is largely orthogonal to the storage APIs?
>
> That would make more sense, I think. It would be useful in other scenarios
> too (such as replacing <keygen>). I would encourage people interested in
> such an approach to get vendors together and write a spec.
>
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
>
