Privacy/Features/DOMCryptAPI: Difference between revisions

Jump to navigation Jump to search

Privacy/Features/DOMCryptAPI (view source)

Revision as of 01:26, 14 July 2011

3,965 bytes removed ,  14 July 2011
m
clearing in prep for migration to new feature page format (will be done momentarily)
m (clearing in prep for migration to new feature page format (will be done momentarily))
Line 1: Line 1:
{| class="fullwidth-table"
|-
| style="font-weight: bold; background: #DDD;" | Feature
| style="font-weight: bold; background: #DDD;" | Status
| style="font-weight: bold; background: #DDD;" | ETA
| style="font-weight: bold; background: #DDD;" | Owner
|-
<section begin="status" />
| [[DOMCryptAPI]] (a Crypto API in the DOM)
| {{StatusHealthy|status=Currently a Firefox Extension, DOMCrypt adds a new Window property that wraps NSS crypto functions, see http://domcrypt.org and https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest }}
| 2011-07-01
| David Dahl
<section end="status" />
|-
|}


== Summary ==
DOMCrypt gives web developers and endusers control over who data is shared with in plain text. As a general purpose Crypto API, DOMCrypt will provide Public Key Encryption, Symmetric Encryption and Hashing. There are additional use-cases being developed as well.
== Team ==
* '''Feature Manager''': ''Dietrich Alaya''
* '''Lead Developer''': David Dahl
* '''Product Manager''':
* '''QA''': Juan Becerra
* '''Security''': Curtis Koenig
* '''Privacy''': [[User:Sidstamm|Sid Stamm]]
* '''Cryptography''':
== Draft Spec ==
* https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
== Release Requirements ==
* Elegant Public Key encryption API
* Elegant Symmetric Encryption API
* SHA256 Hashing API
* Off main thread API methods
* User and web developer evangelism
* Discussion and plan for standardization
== Next Steps ==
* Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
* Port extension over to Firefox/DOM code: initial patch ready for review
* Use ChromeWorkers / callbacks for all API methods - done
* Test suite - done
* New name for the DOM property, currently using 'window.cipher' - this is secondary to how the API operates. perhaps we will integrate this with window.crypto or stick it inside "navigator.crypto"
== Background ==
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto
== Use Cases ==
See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases
== Related Bugs & Dependencies ==
*Mozilla: {{bug|649154}}
*WebKit: https://bugs.webkit.org/show_bug.cgi?id=62010
== Designs ==
See http://domcrypt.org and https://github.com/daviddahl/domcrypt
The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs.
This is the basic API design:
<pre class="brush:js;toolbar:false;">
window.cipher.pk.generateKeypair(function callback(aPubKey){})
window.cipher.pk.getPublicKey(function callback(aPubKey){})
window.cipher.pk.encrypt(aPlainText, aPublicKey, function callback(aCipherMessage){})
window.cipher.pk.decrypt(aCipherMessage, function callback(aPlainText){})
window.cipher.pk.sign(aPlainText, function callback(aSignature){})
window.cipher.pk.verify(aDecryptedPlainText, aSignature, aPublicKey, function callback(aBoolean){})
window.cipher.hash.SHA256(aPlainText, function callback(aHash){})
</pre>
== Test Plans ==
We have a mochitest browser test suite in place in the patch in {{bug|649154}}
== Goals/Use Cases ==
Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
== Non-Goals ==
Initially supporting complex Crypto standards
== Other Documentation ==
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.
== Legend ==
{| class="fullwidth-table"
|-
| {{StatusHealthy|status=&nbsp;}}
| Healthy: feature is progressing as expected.
|-
| '''ETA'''
| 2011-06-23
|}
__NOTOC__
[[Category:Features]]
[[Category:Firefox]]
[[Category:Security]]
Dria
canmove, Confirmed users, Bureaucrats and Sysops emeriti
6,906

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/329173"

Navigation menu