Fwd: Time to dump NSS

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Fwd: Time to dump NSS

Daniel Veditz-2
Forwarding to dev-tech-crypto where this is more on-topic.

-Dan Veditz

NSS was designed when physically distributed smart cards were anticipated to become the norm.

This didn't really happen but instead we got mobile devices with support for TEEs (Trusted Execution Environments):
http://webpki.org/papers/SKS-KeyGen2_FullStack.pdf

NSS cannot deal with provisioning of TEEs because it doesn't support provisioning of keys in an E2ES (End-To-End-Security) fashion.  This is hardly surprising since <keygen> was designed 1995.

In addition we need entirely new key access protection models:
http://webpki.org/papers/key-access.pdf

With a new key-system you could do things like:
https://mobilepki.org/WebCryptoPlusPlus

There's much more to this but I wanted to hear what Mozilla are thinking regarding key-storage.

I'm prepared to help making this upgrade possible!

Cheers,
Anders Rundgren
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Time to dump NSS

Anders Rundgren-2
On 2014-10-24 00:25, Daniel Veditz wrote:
> Forwarding to dev-tech-crypto where this is more on-topic.

Dan,

This is not really a cryptographic problem, it rather an platform architecture and strategy issue.

This single-page presentation shows another part of the puzzle which clearly is outside of NSS:
http://webpki.org/papers/key-access.pdf

Regards,
Anders Rundgren

>
> -Dan Veditz
>

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Time to dump NSS

Daniel Veditz-2
Your subject, "time to dump NSS", intimately affects NSS developers who
will have to worry about replacing all the things NSS does for us before
they can even start to think about the additional concepts.

If you're proposing a mechanism that can live on the side without
actually dumping NSS then I suppose we can discuss it elsewhere, but if
it involves cryptography (how could it not?) then the tech.crypto group
is the one the people who know about cryptography participate in.

There are several (sometimes competing) efforts within the W3 and IETF
to create standards around concepts like key management. We're unlikely
to implement a solution that doesn't get buy-in from other browser and
server makers in that kind of forum.

-Dan Veditz

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Time to dump NSS

Anders Rundgren-2
On 2014-10-24 07:11, Daniel Veditz wrote:
> Your subject, "time to dump NSS", intimately affects NSS developers who
> will have to worry about replacing all the things NSS does for us before
> they can even start to think about the additional concepts.

I fully understand that.

> If you're proposing a mechanism that can live on the side without
> actually dumping NSS then I suppose we can discuss it elsewhere,

According to Paul T Mozilla have such discussions but they are not public
(HW-vendors like to plot in secrecy) so it is not obvious how to go forward.
I would consider a task-force.

The idea is creating a new secure core based on a TEE like Apple and Google have.
The new core would indeed have to support legacy APIs like NSS.


> but if it involves cryptography (how could it not?) then the tech.crypto group
> is the one the people who know about cryptography participate in.

It would be a combination of crypto and OS architecture, perhaps like:
http://webpki.org/papers/SKS-KeyGen2_FullStack.pdf


> There are several (sometimes competing) efforts within the W3 and IETF
> to create standards around concepts like key management. We're unlikely
> to implement a solution that doesn't get buy-in from other browser and
> server makers in that kind of forum.

So far nobody has done anything even close to what I'm proposing.
Well, Apple may have but they didn't take it to standardization yet.
I believe that's very wise, complex stuff must mature in the real world first.

I don't think an SDO can take on a project of this kind.  SDOs only
deal with partial solutions which is why we during the 20 years with
credit-card payments on the web haven't moved one inch forward to make
them Secure AND Convenient.

Anyway, you wouldn't necessarily have to start from zero in case Mozilla
feels that the groundwork me and my colleges have done could be useful.

Regards,
Anders Rundgren


>
> -Dan Veditz
>

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto