Privacy/Features/DOMCryptAPI

From MozillaWiki
Jump to navigation Jump to search
Please use "Edit with form" above to edit this page.

Status

DOMCryptAPI (a Crypto API in the DOM)
Stage Shelved
Status `
Release target `
Health `
Status note THIS API DESIGN IS SUPERSEDED BY http://www.w3.org/2012/webcrypto/WebCryptoAPI/ Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html

{{#set:Feature name=DOMCryptAPI (a Crypto API in the DOM)

|Feature stage=Shelved |Feature status=` |Feature version=` |Feature health=` |Feature status note=THIS API DESIGN IS SUPERSEDED BY http://www.w3.org/2012/webcrypto/WebCryptoAPI/

Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html }}

Team

Product manager Chris Blizzard
Directly Responsible Individual Sid Stamm
Lead engineer David Dahl
Security lead Brian Smith
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead Juan Becerra
UX lead `
Product marketing lead `
Operations lead `
Additional members `

{{#set:Feature product manager=Chris Blizzard

|Feature feature manager=Sid Stamm |Feature lead engineer=David Dahl |Feature security lead=Brian Smith |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=Juan Becerra |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}

Open issues/risks

`

Stage 1: Definition

1. Feature overview

DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.

Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox

2. Users & use cases

See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases

3. Dependencies

`

4. Requirements

Non-goals

  • Initially supporting complex Crypto standards
  • Hardware device support

Stage 2: Design

5. Functional specification

Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt

6. User experience design

This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API

Stage 3: Planning

7. Implementation plan

Next Steps

  • Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
  • Develop an implementation schedule
  • Port extension over to Firefox/DOM code: underway
  • Test suite - underway
  • Will integrate DOMCryptAPI with window.crypto

Background

  • This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto

8. Reviews

Security review

Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert

Privacy review

TBD

Localization review

N/A

Accessibility

N/A

Quality Assurance review

TBD

Operations review

TBD

Stage 4: Development

9. Implementation

The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.

The extension code uses js-ctypes witch can cause some erratic NSS behavior.

Stage 5: Release

10. Landing criteria

(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl) {{#set:Feature open issues and risks=` |Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.

Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox |Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases |Feature dependencies=` |Feature requirements=* Elegant Public Key encryption API

|Feature non-goals=*Initially supporting complex Crypto standards

  • Hardware device support

|Feature functional spec=Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt |Feature ux design=This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API |Feature implementation plan===== Next Steps ====

  • Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
  • Develop an implementation schedule
  • Port extension over to Firefox/DOM code: underway
  • Test suite - underway
  • Will integrate DOMCryptAPI with window.crypto

Background

  • This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto

|Feature security review=Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert |Feature privacy review=TBD |Feature localization review=N/A |Feature accessibility review=N/A |Feature qa review=TBD |Feature operations review=TBD |Feature implementation notes=The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.

The extension code uses js-ctypes witch can cause some erratic NSS behavior. |Feature landing criteria=(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl) }}

Feature details

Priority Unprioritized
Rank 999
Theme / Goal Security Leadership
Roadmap Security
Secondary roadmap Developer Tools
Feature list Platform
Project `
Engineering team Security

{{#set:Feature priority=Unprioritized

|Feature rank=999 |Feature theme=Security Leadership |Feature roadmap=Security |Feature secondary roadmap=Developer Tools |Feature list=Platform |Feature project=` |Feature engineering team=Security }}

Team status notes

  status notes
Products ` `
Engineering ` `
Security sec-review-needed bug 744938
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `

{{#set:Feature products status=`

|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=sec-review-needed |Feature security health=` |Feature security notes=bug 744938 |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}


Other Documentation

David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.