Privacy/Features/DOMCryptAPI: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
 
(23 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{| class="fullwidth-table"
{{FeatureStatus
|-
|Feature name=DOMCryptAPI (a Crypto API in the DOM)
| style="font-weight: bold; background: #DDD;" | Feature
|Feature stage=Shelved
| style="font-weight: bold; background: #DDD;" | Status
|Feature status note=THIS API DESIGN IS SUPERSEDED BY http://www.w3.org/2012/webcrypto/WebCryptoAPI/
| style="font-weight: bold; background: #DDD;" | ETA
| style="font-weight: bold; background: #DDD;" | Owner
|-
<section begin="status" />
| [[DOMCrypt is a Crypto API in the DOM]]
| {{StatusHealthy|status=Currently a Firefox Extension, DOMCrypt adds a new Window property that wraps NSS crypto functions, see http://domcrypt.org}}
| 2011-05-23
| David Dahl
<section end="status" />
|-
|}


== Summary ==
Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html
DOMCrypt gives web developers and endusers control over who data typed into Firefox is shared with. This is like DNT for content, however, the user does not have to ask permission to opt out of tracking or revealing data. 3rd parties do not get to parse and mine user data.
}}
 
{{FeatureTeam
== Team ==
|Feature product manager=Chris Blizzard
 
|Feature feature manager=Sid Stamm
* '''Feature Manager''': ''Dietrich Alaya''
|Feature lead engineer=David Dahl
* '''Lead Developer''': David Dahl
|Feature security lead=Brian Smith
* '''Product Manager''':
|Feature privacy lead=Sid Stamm
* '''QA''': Juan Becerra
|Feature qa lead=Juan Becerra
* '''Security''': Curtis Koenig
}}
* '''Privacy''': [[User:Sidstamm|Sid Stamm]]
{{FeaturePageBody
* '''Cryptography''':
|Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.
 
== Release Requirements ==


Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
|Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases
|Feature requirements=* Elegant Public Key encryption API
* Elegant Symmetric (DH key exchange) Encryption API
* Hashing API
* HMAC API
* Off main thread API methods
* Off main thread API methods
* Fennec support
* User and web developer evangelism
* User and web developer evangelism
* Discussion and plan for possible standardization/use of existing standards
* Plan for standardization: see http://www.w3.org/2011/11/webcryptography-charter.html
|Feature non-goals=*Initially supporting complex Crypto standards
*Hardware device support
|Feature functional spec=Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest


== Next Steps ==
Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt
|Feature ux design=This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API
|Feature implementation plan===== Next Steps ====
* Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
** Check! See the webkit bug: https://bugs.webkit.org/show_bug.cgi?id=62010
* Develop an implementation schedule
* Port extension over to Firefox/DOM code: underway
* Test suite - underway
* Will integrate DOMCryptAPI with window.crypto


* Port extension over to Firefox/DOM code: initial patch ready for review
==== Background ====
* Use ChromeWorkers / callbacks for all API methods - done
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto
* Test suite - done
|Feature security review=Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert
* New name for the DOM property, currently using 'crypt', which is too close to window.crypto: changed to "cipher" - may also change again to 'mozCipher' for release
|Feature privacy review=TBD
 
|Feature localization review=N/A
== Open Issues ==
|Feature accessibility review=N/A
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central
|Feature qa review=TBD
 
|Feature operations review=TBD
* Currently, I think that we will need a completely new ChromeWorker-based module that borrows heavily from the existing js-ctypes WeaveCrypto JSM.
|Feature implementation notes=The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.  
 
== Related Bugs & Dependencies ==
{{bug|649154}}
 
== Designs ==
See http://domcrypt.org and https://github.com/daviddahl/domcrypt
 
== Test Plans ==
We have a mochitest browser test suite in place in the patch in {{bug|649154}}
 
== Goals/Use Cases ==
Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
 
== Non-Goals ==
Initially supporting complex Crypto standards. That will be a future goal.


The extension code uses js-ctypes witch can cause some erratic NSS behavior.
|Feature landing criteria=(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl)
}}
{{FeatureInfo
|Feature priority=Unprioritized
|Feature theme=Security Leadership
|Feature roadmap=Security
|Feature secondary roadmap=Developer Tools
|Feature list=Platform
|Feature engineering team=Security
}}
{{FeatureTeamStatus
|Feature security status=sec-review-needed
|Feature security notes={{bug|744938}}
}}
== Other Documentation ==
== Other Documentation ==
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.
== Legend ==
{| class="fullwidth-table"
|-
| {{StatusHealthy|status=&nbsp;}}
| Healthy: feature is progressing as expected.
|-
| '''ETA'''
| 2011-05-23
|}
__NOTOC__
[[Category:Features]]
[[Category:Firefox]]
[[Category:Security]]

Latest revision as of 19:02, 22 November 2013

Please use "Edit with form" above to edit this page.

Status

DOMCryptAPI (a Crypto API in the DOM)
Stage Shelved
Status `
Release target `
Health `
Status note THIS API DESIGN IS SUPERSEDED BY http://www.w3.org/2012/webcrypto/WebCryptoAPI/ Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html

{{#set:Feature name=DOMCryptAPI (a Crypto API in the DOM)

|Feature stage=Shelved |Feature status=` |Feature version=` |Feature health=` |Feature status note=THIS API DESIGN IS SUPERSEDED BY http://www.w3.org/2012/webcrypto/WebCryptoAPI/

Currently a Firefox Extension as well as the 'strawman' proposal for a new W3C standard, DOMCrypt adds a new Window property that wraps NSS crypto functions, see https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and http://www.w3.org/2011/11/webcryptography-charter.html }}

Team

Product manager Chris Blizzard
Directly Responsible Individual Sid Stamm
Lead engineer David Dahl
Security lead Brian Smith
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead Juan Becerra
UX lead `
Product marketing lead `
Operations lead `
Additional members `

{{#set:Feature product manager=Chris Blizzard

|Feature feature manager=Sid Stamm |Feature lead engineer=David Dahl |Feature security lead=Brian Smith |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=Juan Becerra |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}

Open issues/risks

`

Stage 1: Definition

1. Feature overview

DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.

Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox

2. Users & use cases

See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases

3. Dependencies

`

4. Requirements

Non-goals

  • Initially supporting complex Crypto standards
  • Hardware device support

Stage 2: Design

5. Functional specification

Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt

6. User experience design

This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API

Stage 3: Planning

7. Implementation plan

Next Steps

  • Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
  • Develop an implementation schedule
  • Port extension over to Firefox/DOM code: underway
  • Test suite - underway
  • Will integrate DOMCryptAPI with window.crypto

Background

  • This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto

8. Reviews

Security review

Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert

Privacy review

TBD

Localization review

N/A

Accessibility

N/A

Quality Assurance review

TBD

Operations review

TBD

Stage 4: Development

9. Implementation

The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.

The extension code uses js-ctypes witch can cause some erratic NSS behavior.

Stage 5: Release

10. Landing criteria

(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl) {{#set:Feature open issues and risks=` |Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. DOMCrypt will provide Public Key Encryption, Symmetric Encryption, HMAC, and Hashing to DOM scripting.

Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox |Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases |Feature dependencies=` |Feature requirements=* Elegant Public Key encryption API

|Feature non-goals=*Initially supporting complex Crypto standards

  • Hardware device support

|Feature functional spec=Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest

Also See http://domcrypt.org and https://github.com/daviddahl/domcrypt |Feature ux design=This is a JavaScript DOM API - it's draft spec specifies no UI at this time. The experience will be a mostly asynchronous API |Feature implementation plan===== Next Steps ====

  • Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
  • Develop an implementation schedule
  • Port extension over to Firefox/DOM code: underway
  • Test suite - underway
  • Will integrate DOMCryptAPI with window.crypto

Background

  • This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto

|Feature security review=Review by Brian Smith, additional superreview will be required - perhaps by WTC or Kai Engert |Feature privacy review=TBD |Feature localization review=N/A |Feature accessibility review=N/A |Feature qa review=TBD |Feature operations review=TBD |Feature implementation notes=The implementation may re-use the extension code after it is refactored to use ArrayBufferViews and the internal secure key store, with a final implementation that completely replaces the original extension code. The reason for this is that it has been incredibly useful and instructive to have a working implementation to demo the capabilities to web developers and privacy people. The original extension code will be replaced entirely.

The extension code uses js-ctypes witch can cause some erratic NSS behavior. |Feature landing criteria=(TBD, not exactly sure what to put here, feel free to add some sample criteria -ddahl) }}

Feature details

Priority Unprioritized
Rank 999
Theme / Goal Security Leadership
Roadmap Security
Secondary roadmap Developer Tools
Feature list Platform
Project `
Engineering team Security

{{#set:Feature priority=Unprioritized

|Feature rank=999 |Feature theme=Security Leadership |Feature roadmap=Security |Feature secondary roadmap=Developer Tools |Feature list=Platform |Feature project=` |Feature engineering team=Security }}

Team status notes

  status notes
Products ` `
Engineering ` `
Security sec-review-needed bug 744938
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `

{{#set:Feature products status=`

|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=sec-review-needed |Feature security health=` |Feature security notes=bug 744938 |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}


Other Documentation

David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.

Retrieved from "https://wiki.mozilla.org/index.php?title=Privacy/Features/DOMCryptAPI&oldid=768568"