Open adrianhopebailie opened 6 years ago
I suggest that browsers MAY verify signatures, but are not required to... the job of verifying the signatures is for the endpoints. We should be decoupling what the browser does (message passing) from the smarts of the edges of the network.
If you make browsers the gatekeeper of the crypto used, then they become the gatekeepers of how security is done in payments. The browsers should be "dumb pipes", where the smarts are pushed out to the edges (where the expertise in payments and security resides).
IF the group is considering the RFC above, then I also suggest it looks into Linked Data Signatures for at least the following reasons:
Arguments against are:
There is still active development on the specs as we get implementation feedback from implementers.
The only reason I'm bringing this up is because this particular issue is considering a more experimental path forward.
More here:
https://w3c-dvcg.github.io/ld-signatures/
and here:
It seems to me this conversation is probably premature. We can't make good choices regarding solutions until we have a good handle on the problem space. Personally, I don't yet understand what problem the signatures spec at https://github.com/w3c/webpayments-crypto/wiki/Signatures is trying to solve, who the actors are (i.e. sender and recipient of the signed data), why we wouldn't encrypt and sign this data instead of merely sign it but send it in the clear, etc. Am I missing something obvious?
@adrianhopebailie, can we close this issue?
This really just a placeholder of possible implementations for signatures. Don't think we should close but could classify as such?
https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?url=https%3A%2F%2Fraw.githubusercontent.com%2Ferdtman%2FCleartext-JOSE%2Fmaster%2Fdraft-erdtman-jose-cleartext-jws.xml
Currently an early draft but may be worth considering for signatures as this schema would be easier to express in WebIDL and validate in a browser.