IRC log of hb-secure-services on 2016-06-01

Timestamps are in UTC.

13:03:20 [RRSAgent]

RRSAgent has joined #hb-secure-services

13:03:20 [RRSAgent]

logging to http://www.w3.org/2016/06/01-hb-secure-services-irc

13:03:23 [Zakim]

Zakim has joined #hb-secure-services

13:16:16 [wseltzer]

wseltzer has changed the topic to: HB-Secure Services call 1400 UTC June 1, https://lists.w3.org/Archives/Public/public-hb-secure-services/2016May/0011.html

13:16:19 [wseltzer]

Agenda: https://lists.w3.org/Archives/Public/public-hb-secure-services/2016May/0011.html

13:57:53 [colin]

colin has joined #hb-secure-services

14:00:38 [phofmanntsy]

phofmanntsy has joined #hb-secure-services

14:01:26 [wseltzer]

present+ wseltzer

14:01:50 [virginie]

virginie has joined #hb-secure-services

14:01:58 [acouvert]

acouvert has joined #hb-secure-services

14:01:59 [virginie]

hi all, call is starting :)

14:02:10 [wseltzer]

present+ virginie, acouvert

14:02:12 [acouvert]

hello everyone

14:02:54 [wseltzer]

zakim, who is here?

14:02:54 [Zakim]

Present: wseltzer, virginie, acouvert

14:02:56 [Zakim]

On IRC I see acouvert, virginie, phofmanntsy, colin, Zakim, RRSAgent, schuki_, wseltzer

14:03:16 [phofmanntsy]

present+ phofmanntsy

14:03:17 [Sebastien]

Sebastien has joined #hb-secure-services

14:03:59 [wseltzer]

present+ rigo

14:04:00 [rigo]

rigo has joined #hb-secure-services

14:04:05 [wseltzer]

present+ colin

14:04:23 [wseltzer]

present+ bruno

14:04:37 [wseltzer]

present+ Sebastien

14:05:03 [wseltzer]

present+ opotonnier

14:05:13 [wseltzer]

present+ Ketan

14:06:11 [virginie]

agenda?

14:06:12 [mzwolinski]

mzwolinski has joined #hb-secure-services

14:06:49 [Ketan]

Ketan has joined #hb-secure-services

14:06:50 [virginie]

agenda+ Welcome and introduction

14:06:54 [brunoj]

brunoj has joined #hb-secure-services

14:07:12 [virginie]

agenda+ CG objective reminder

14:07:26 [virginie]

agenda+ Review of Morpho’s contribution (see https://rawgit.com/w3c/websec/gh-pages/hbss.html)

14:07:49 [virginie]

agenda+ Discussing use case description

14:08:02 [virginie]

agenda+ Discussing technical proposal

14:08:18 [wseltzer]

zakim, who is here?

14:08:18 [Zakim]

Present: wseltzer, virginie, acouvert, phofmanntsy, rigo, colin, bruno, Sebastien, opotonnier, Ketan

14:08:19 [virginie]

zakim, who is here ?

14:08:21 [Zakim]

On IRC I see brunoj, Ketan, mzwolinski, rigo, Sebastien, acouvert, virginie, phofmanntsy, colin, Zakim, RRSAgent, schuki_, wseltzer

14:08:21 [Zakim]

Present: wseltzer, virginie, acouvert, phofmanntsy, rigo, colin, bruno, Sebastien, opotonnier, Ketan

14:08:21 [Zakim]

On IRC I see brunoj, Ketan, mzwolinski, rigo, Sebastien, acouvert, virginie, phofmanntsy, colin, Zakim, RRSAgent, schuki_, wseltzer

14:08:52 [phofmanntsy]

Peter Hofmann

14:09:00 [wseltzer]

present+ mzwolinski

14:09:22 [virginie]

agenda ?

14:09:35 [wseltzer]

zakim, take up agendum 1

14:09:36 [Zakim]

agendum 1. "Welcome and introduction" taken up [from virginie]

14:10:28 [opoto]

opoto has joined #hb-secure-services

14:10:44 [Laurent_]

Laurent_ has joined #hb-secure-services

14:11:05 [wseltzer]

present+ Laurent

14:11:33 [wseltzer]

zakim, take up next agendum

14:11:33 [Zakim]

agendum 2. "CG objective reminder" taken up [from virginie]

14:11:46 [opoto]

present+ opoto

14:12:28 [wseltzer]

virginie: goal of this CG is to demonstrate the value of using hardware-provided secure services for the Web

14:12:46 [wseltzer]

... aim to be quick, to spark conversations with user-agent-implementers

14:12:57 [wseltzer]

... in order to bring proposal to W3C

14:13:06 [wseltzer]

... timeline, a few months

14:13:26 [wseltzer]

virginie: documentation and prototyping/demonstration

14:13:48 [wseltzer]

zakim, take up next agendum

14:13:48 [Zakim]

agendum 3. "Review of Morpho’s contribution (see https://rawgit.com/w3c/websec/gh-pages/hbss.html)" taken up [from virginie]

14:14:23 [wseltzer]

virginie: Sebastien sent draft to list

14:14:48 [wseltzer]

-> https://rawgit.com/w3c/websec/gh-pages/hbss.html Sebastien's draft Hardware Based Secure Services Report

14:14:57 [virginie]

The draft is here : https://rawgit.com/w3c/websec/gh-pages/hbss.html

14:14:59 [wseltzer]

Sebastien: review the high-level table of contents

14:15:19 [wseltzer]

... this is a draft to kick off conversation

14:16:05 [wseltzer]

... Terminology; Problem Statement; Use Cases

14:17:02 [wseltzer]

... Problem statment: key access, management, user verification

14:17:20 [wseltzer]

... API design

14:17:41 [wseltzer]

... at high-level, key usage, and secure credential storage and management.

14:18:07 [wseltzer]

... Architectures and security requirements

14:19:12 [wseltzer]

virginie: thanks Sebastien! I sent some comments

14:19:52 [wseltzer]

... use cases are important, to convince implementers there's value

14:20:03 [wseltzer]

... questions?

14:21:19 [wseltzer]

virginie: are we going to describe scenarios where smartcard or trusted UI is used?

14:21:42 [wseltzer]

... e.g. citizen identity, high-level?

14:21:54 [wseltzer]

... or more detailed to secure transaction confirmation, key management?

14:22:12 [wseltzer]

Sebastien: possibly both

14:22:27 [wseltzer]

... e.g., Estonian citizen who wants to sign documents, needs to prove identity, make signature

14:22:46 [wseltzer]

... then propose use transaction confirmation as alternative

14:22:51 [wseltzer]

... to achieve functional goal

14:24:23 [wseltzer]

Sebastien: if we want to add transportation, e-health, people should give input on the use cases

14:24:46 [wseltzer]

virginie: I'll ping Deutsche Telekom on transportation

14:25:13 [wseltzer]

... remove topics on which there's no contribution (for the moment)

14:25:51 [colin]

colin has joined #hb-secure-services

14:26:52 [wseltzer]

virginie: a short paragraph on how secure transaction confirmation and secure credential storage support those use cases

14:26:56 [wseltzer]

... then move on to API

14:27:08 [mr]

mr has joined #hb-secure-services

14:28:26 [opoto]

opoto has left #hb-secure-services

14:28:46 [wseltzer]

virginie: did we say we'd cover device authentication?

14:29:00 [wseltzer]

Sebastien: Visa requested for online payments

14:29:11 [wseltzer]

... instead of explicit end-user authentication

14:30:13 [wseltzer]

virginie: I was expecting an API for transaction confirmation; an API for using and storing keys

14:30:42 [wseltzer]

Sebastien: so for signature, do we say "rely on webcrypto, with additional support"?

14:30:44 [brunoj]

q+

14:30:57 [wseltzer]

rrsagent, draft minutes

14:30:57 [RRSAgent]

I have made the request to generate http://www.w3.org/2016/06/01-hb-secure-services-minutes.html wseltzer

14:31:29 [wseltzer]

opoto: we can reuse webcrypto with additional notion of a crypto provider

14:31:31 [rigo]

q+

14:31:37 [wseltzer]

ack brunoj

14:31:53 [wseltzer]

brunoj: hardware backing on webcrypto would answer 80-90% of use cases

14:32:11 [wseltzer]

... is that an acceptable option?

14:32:52 [wseltzer]

... that would be valuable

14:33:23 [wseltzer]

virginie: that proposal could be made to W3C, either to extend WebCrypto or in a new WG

14:33:26 [wseltzer]

ack rigo

14:35:30 [wseltzer]

rigo: issue of unscoped token

14:36:38 [colin_]

colin_ has joined #hb-secure-services

14:36:42 [rigo]

rigo: We shouldn't preclude too many things. CGs are made to explore. We will find new issues running down the generic use cases, find that imagined issues aren't as dramatic and perhaps add needed futures (scope of tokens)

14:36:59 [rigo]

RRSAgent, please draft minutes

14:36:59 [RRSAgent]

I have made the request to generate http://www.w3.org/2016/06/01-hb-secure-services-minutes.html rigo

14:39:03 [rigo]

sebastion: scope could be within the key itself to avoid relying on browser implementation

14:39:57 [wseltzer]

https://www.w3.org/TR/webauthn/

14:40:03 [virginie]

in web authentication : scoped is aused here : https://w3c.github.io/webauthn/#iface-credentialInfo

14:40:41 [Sebastien]

sebastien: proposition to rely upon existing keys with scoping enforced by browsers

14:41:02 [brunoj]

https://www.w3.org/TR/2016/WD-webauthn-20160531/#scopedcredentialinfo ?

14:41:10 [wseltzer]

[[ Scoped credentials are always scoped to a single WebAuthn Relying Party. ]]

14:41:27 [wseltzer]

https://w3c.github.io/webauthn/#use-cases

14:46:00 [wseltzer]

virginie: work to propose amendment to webcrypto that supports storing a scoped key in hardware

14:46:03 [colin]

colin has joined #hb-secure-services

14:50:57 [virginie]

scribenick : virginie

14:51:29 [virginie]

bruno : how do you select the key in the TEE or Secure Element ? how will be managed the choice ? any naming rule ?

14:51:47 [virginie]

sebastien : do you mean pre-filterning the type of SE that may be used ?

14:51:51 [virginie]

bruno : yes

14:52:06 [virginie]

bruno : and usually there is only one credential

14:52:33 [virginie]

sebastien : filtering is also about being able to discover what is inside the providers

14:53:07 [virginie]

sebastien : proposal is not to allow to select by the user, it is more about the authority that will help making choice

14:53:54 [rigo]

q+

14:54:11 [virginie]

bruno : thinking about the already enrolled credentials in the web part

14:54:39 [virginie]

bruno : discovering can be risky, but the discovery could be made by OS and/or by browser

14:55:08 [virginie]

bruno : in current implem, you can select at browser level the type of video/camero you want to use

14:55:43 [virginie]

sebastien : yes, and video is not a sensitive value, whereas, secure element and sensitive application may be more complex to handle

14:56:05 [virginie]

sebastien : discovering by a simple service request, has to be protected

14:56:38 [virginie]

rigo : an API must not deal with User Interface, the web app will handle it

14:57:36 [virginie]

rigo : about the naming, ig you find id in the web, you can always turn them into URIs, so, we should be cerfull allowing any web app scanning key presence without user consent

14:57:46 [brunoj]

q+

14:57:48 [virginie]

s/cerfull/carefull

14:57:56 [rigo]

ack ri

14:58:29 [brunoj]

q-

14:59:27 [virginie]

option 1 : the user select the key, option 2 : the user pre-defines a choice that the borwser owns, option 3 : the certification authority is the main trigger to elect the right key

15:01:13 [virginie]

it is discussed that the borwser first filter based on CA, and at the end of the day, the user will have to be aware that this is happening

15:01:38 [rigo]

key discovery is certainly a fingerprinting issue

15:03:28 [virginie]

q+

15:03:33 [virginie]

q-

15:05:06 [virginie]

sebastien : about the digital sinature, we will have to sign the document without displaying it to the user

15:05:41 [virginie]

sebastien : thus, it will be the choice of the service provider to accept the signature with some non-repudiation data

15:06:20 [virginie]

sebastien : there should have some nested operation, such as signing document, then signing the message, and checking both are valid

15:06:40 [rigo]

q+

15:07:05 [virginie]

rigo : why document can not be presented in trusted UI

15:07:17 [rigo]

ack rig

15:07:36 [virginie]

sebastien : because Tusted UI has some capabilities which are limited

15:08:17 [virginie]

sébastien : thus we have to provide a complex document signature, but we have to add another step for the non-repudiation

15:08:38 [virginie]

sébastien : we need to provide something that is understood by the end user

15:15:02 [wseltzer]

q+

15:15:18 [virginie]

rigo : feel there is a limitation in stating that a large or complex document can not be used in a Trusted UI, and this is not suitable to the web spirit

15:15:55 [virginie]

sebastien : but the garantee that the user confirm the content has to take into account the accessibility, the capability of the user to actually check every bit of the docu, including the images

15:16:26 [virginie]

rigo : we should define an intermediate levl where we can garantee that there is a 'some' security in the digital signature

15:16:43 [virginie]

to rigo, please check I correclty reported your statement :)

15:17:36 [virginie]

sébastien : the trusted Ui should not rely on the browser, but on the system underlying (TEE or operating system, or whatever is able to provide some secure display)

15:17:56 [virginie]

s/whatever/whatever or a middleware

15:18:01 [wseltzer]

q-

15:19:30 [virginie]

virginie : lets comment the chapter 5

15:19:49 [virginie]

sébastien : this is description of the different elements that will be involved into that solution

15:20:29 [virginie]

sébastien : there are some parts touching the browser, parts touching the operating system, each of them having their caracteristics (Windows and android hving different security models)

15:20:49 [virginie]

sébastien : it is a decsription of the security requirements

15:23:16 [brunoj]

ok for me

15:23:33 [brunoj]

+1

15:23:33 [Sebastien]

+1

15:23:35 [rigo]

-1 very difficult that week

15:23:37 [virginie]

+1

15:23:52 [colin]

colin has joined #hb-secure-services

15:26:17 [virginie]

https://www.w3.org/community/hb-secure-services/participants

15:27:53 [wseltzer]

virginie: next meeting June 15

15:28:03 [wseltzer]

[adjourned]

15:28:10 [wseltzer]

zakim, list attendees

15:28:10 [Zakim]

As of this point the attendees have been wseltzer, virginie, acouvert, phofmanntsy, rigo, colin, bruno, Sebastien, opotonnier, Ketan, mzwolinski, Laurent

15:28:17 [wseltzer]

rrsagent, make logs public

15:28:21 [wseltzer]

rrsagent, draft minutes

15:28:21 [RRSAgent]

I have made the request to generate http://www.w3.org/2016/06/01-hb-secure-services-minutes.html wseltzer

16:18:08 [mzwolinski]

mzwolinski has joined #hb-secure-services

16:18:54 [mzwolinski]

mzwolinski has left #hb-secure-services

16:54:23 [phofmanntsy]

phofmanntsy has joined #hb-secure-services

17:13:12 [phofmanntsy]

phofmanntsy has joined #hb-secure-services