Privacy/Features/DOMCryptAPI: Difference between revisions

From MozillaWiki
No edit summary
No edit summary
Line 1: Line 1:
{{FeatureStatus
{{FeatureStatus
|Feature name=DOMCryptAPI (a Crypto API in the DOM)
|Feature name=DOMCryptAPI (a Crypto API in the DOM)
|Feature stage=Design
|Feature stage=Planning
|Feature status=In progress
|Feature version=Firefox 15?
|Feature health=OK
|Feature health=OK
|Feature status note=Currently a Firefox Extension, DOMCrypt adds a new Window property that wraps NSS crypto functions, see http://domcrypt.org and https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
|Feature status note=Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html
}}
}}
{{FeatureTeam
{{FeatureTeam
Line 9: Line 11:
|Feature feature manager=Dietrich Ayala
|Feature feature manager=Dietrich Ayala
|Feature lead engineer=David Dahl
|Feature lead engineer=David Dahl
|Feature security lead=Curtis Koenig
|Feature security lead=Brian Smith
|Feature privacy lead=Sid Stamm
|Feature privacy lead=Sid Stamm
|Feature qa lead=Juan Becerra
|Feature qa lead=Juan Becerra
}}
}}
{{FeaturePageBody
{{FeaturePageBody
|Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. As a general purpose Crypto API, DOMCrypt will provide Public Key Encryption, Symmetric Encryption and Hashing. There are additional use-cases being developed as well.
|Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.


Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
|Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases
|Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases
|Feature requirements=* Elegant Public Key encryption API
|Feature requirements=* Elegant Public Key encryption API
* Elegant Symmetric Encryption API
* Elegant Symmetric (DH key exchange) Encryption API
* SHA256 Hashing API
* Hashing API
* HMAC API
* Off main thread API methods
* Off main thread API methods
* User and web developer evangelism
* User and web developer evangelism
* Discussion and plan for standardization
* Plan for standardization: see http://www.w3.org/2011/11/webcryptography-charter.html
|Feature non-goals=Initially supporting complex Crypto standards.
|Feature non-goals=*Initially supporting complex Crypto standards
|Feature functional spec=* Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
*Hardware device support
|Feature functional spec=Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest


See http://domcrypt.org and https://github.com/daviddahl/domcrypt
Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt
 
|Feature ux design=This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API
The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs.
 
This is the basic API design:
<pre class="brush:js;toolbar:false;">
window.cipher.pk.generateKeypair(function callback(aPubKey){})
 
window.cipher.pk.getPublicKey(function callback(aPubKey){})
 
window.cipher.pk.encrypt(aPlainText, aPublicKey, function callback(aCipherMessage){})
 
window.cipher.pk.decrypt(aCipherMessage, function callback(aPlainText){})
 
window.cipher.pk.sign(aPlainText, function callback(aSignature){})
 
window.cipher.pk.verify(aDecryptedPlainText, aSignature, aPublicKey, function callback(aBoolean){})
 
window.cipher.hash.SHA256(aPlainText, function callback(aHash){})
</pre>
|Feature implementation plan===== Next Steps ====
|Feature implementation plan===== Next Steps ====
* Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
* Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
* Port extension over to Firefox/DOM code: initial patch ready for review
** Check! See the webkit bug: https://bugs.webkit.org/show_bug.cgi?id=62010
* Use ChromeWorkers / callbacks for all API methods - done
* Develop an implementation schedule
* Test suite - done
* Port extension over to Firefox/DOM code: underway
* New name for the DOM property, currently using 'window.cipher' - this is secondary to how the API operates. perhaps we will integrate this with window.crypto or stick it inside "navigator.crypto"
* Test suite - underway
* Will integrate DOMCryptAPI with window.crypto


==== Background ====
==== Background ====
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto
|Feature qa review=We have a mochitest browser test suite in place in the patch in {{bug|649154}}
|Feature security review=Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert
|Feature privacy review=TBD
|Feature localization review=N/A
|Feature accessibility review=N/A
|Feature qa review=TBD
|Feature operations review=TBD
|Feature implementation notes=The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.
 
The extension code uses js-ctypes witch can cause some erratic NSS behavior.
|Feature landing criteria=(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl)
}}
}}
{{FeatureInfo
{{FeatureInfo
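Review bot: In the requirements list, "Elegant Symmetric (DH key exchange) Encryption API" folds two different primitives into one item: Diffie-Hellman is a key agreement step, while symmetric encryption is what consumes the resulting key. Suggest listing key exchange and symmetric encryption as separate requirements so each can be specified and reviewed on its own. The same list reads "Hashing API" on one side and "SHA256 Hashing API" on the other; whichever wording is kept, the requirement should say which hash functions are in scope.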
Line 62: Line 58:
|Feature theme=Enhance User Controlled Disclosure
|Feature theme=Enhance User Controlled Disclosure
|Feature roadmap=Privacy
|Feature roadmap=Privacy
|Feature secondary roadmap=Security
|Feature list=Platform
|Feature list=Platform
|Feature engineering team=DOM
|Feature engineering team=Security
}}
}}
{{FeatureTeamStatus}}
{{FeatureTeamStatus}}
== Other Documentation ==
== Other Documentation ==
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.

Revision as of 17:51, 6 December 2011


Status

DOMCryptAPI (a Crypto API in the DOM)
Stage Planning
Status In progress
Release target Firefox 15?
Health OK
Status note Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html


Team

Product manager Chris Blizzard
Directly Responsible Individual Dietrich Ayala
Lead engineer David Dahl
Security lead Brian Smith
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead Juan Becerra
UX lead `
Product marketing lead `
Operations lead `
Additional members `


Open issues/risks

`

Stage 1: Definition

1. Feature overview

DOMCrypt gives web developers and end users control over who their data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.

Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox

2. Users & use cases

See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases

3. Dependencies

`

4. Requirements

Non-goals

  • Initially supporting complex Crypto standards
  • Hardware device support

Stage 2: Design

5. Functional specification

Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt

6. User experience design

This is a JavaScript DOM API; its draft spec specifies no UI at this time. The experience will be a mostly asynchronous API.

Stage 3: Planning

7. Implementation plan

Next Steps

  • Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
  • Develop an implementation schedule
  • Port extension over to Firefox/DOM code: underway
  • Test suite - underway
  • Will integrate DOMCryptAPI with window.crypto

Background

  • This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto

8. Reviews

Security review

Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert

Privacy review

TBD

Localization review

N/A

Accessibility

N/A

Quality Assurance review

TBD

Operations review

TBD

Stage 4: Development

9. Implementation

The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.

The extension code uses js-ctypes, which can cause some erratic NSS behavior.

Stage 5: Release

10. Landing criteria

(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl)

Feature details

Priority P3
Rank 999
Theme / Goal Enhance User Controlled Disclosure
Roadmap Privacy
Secondary roadmap Security
Feature list Platform
Project `
Engineering team Security


Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `



Other Documentation

David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.