Presentation of a new Khtml project (and Problems with mapToGlobal in LineEditWidget)

Eduardo Robles Elvira edulix at gmail.com
Sat Dec 5 08:31:34 GMT 2009


On Fri, Dec 4, 2009 at 7:50 PM, Rigo Wenning <rigo at w3.org> wrote:
> Hi all,
>
> I did GPG security for HTML pages in 1999 for the German federal
> constitutional court and it was a hack.
>
> The correct way to do it is to use the xhtml serialization and to use XML
> Signature. This is of interest to me. If we get sufficient support, I can see
> how we can help with it from W3C's perspective.
>
> Best,
>
> Rigo Wenning

Hello Rigo,

I didn't know about XML Signature [1]: it seems to be a good way to
create encrypted/signed documents. XML Signature is the envelope for
encrypted/signed data, but that part I think should be up to the
developer of the website. To continue with the envelope analogy, what
I feel is important here is not the envelope itself nor the data it
contains, but how securely it was generated.

It should have been written in a secure room with no windows whose
sole purpose is writing text with a secure "enigma" machine. The user
of that room knows that the room is secure and thus is confident that
no one but his recipient will be able to read what he is writing. When
he gets out of the room, he hands the written cyphered text to the
mailman and that's it.

The secure room would be the encrypted input element, which the user
knows is secure because of the visual hints of the browser which lets
the user know that it's actually secure. The enigma machine would be
the cypher method you would be using, GPG for example. Both things
would be provided by the user's web browser and thus if the user
trusts his web browser he then trusts the secure room and the enigma
machine.

Also, the room is secure because it's impossible to access
the input element value unencrypted or to change it: if you try to
access its value it will be encrypted. If you try to modify the
value, it won't work (only the user can do it, and even if it worked
you could only change the encrypted value, not the plain text). The
recipient of the text can only be set once, and the user can see it
by clicking on the padlock (probably I should also put it in the status bar
on mouse over and when the input/textarea has the focus to make it
perfectly clear).

By the way did you know about WebPKI [2]? It's similar to XML
Signature. It's not a W3C draft but a researcher proposal, but it
provides something closer to what I want: a means to generate signed
html code. So it differs from XML Signature in that it provides a
workflow for generating the signed document: the user is shown a
signature request for a document, then the user can sign it, and then
the signed document is generated and sent, all done by the web browser
too.

The problem I see with WebPKI is that it doesn't provide a way to
generate encrypted data and even if it did, it's not designed to do
so. It's more like a way to ask the user for his signature for
something generated by the server than anything else. So it doesn't
provide a secure room where the user can write anything he wants
without anyone else spying on him, but instead it's a secure room in
which he is given a written text which he can securely stamp his
signature in.

So has anything similar to this been done? Certainly. You yourself seem to
have done it ten years ago, but even now there's a Firefox extension
(damn it there's always a Firefox extension, isn't there? :P) called
FireGPG [3] whose aim is very similar to mine. By using right click ->
Encrypt/Decrypt you can encrypt or decrypt any text in a textarea. It
also has support for its own type of plugins for modifying existing
websites for adding better integration of this in them (mainly,
gmail). It even has its own JavaScript API for doing all this, and
that part is quite interesting. But it doesn't seem to provide an HTML tag
or attribute to mark as "encrypted" a textarea or input element. On
the other hand, FireGPG already exists and works, and it's a good
starting point for implementing support for what I'm working on in
Firefox too. I will probably drop an email to them to let them know
about my project =).

Regards,
    Eduardo Robles Elvira.
--
[1] http://www.w3.org/TR/xmldsig-core/#sec-PGPData
[2] http://webpki.org
[3] http://getfiregpg.org/
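
A model of the access rules the message describes for the encrypted input element (script reads return ciphertext, script writes fail, the recipient is set once), as an added example that is not code from the thread or from KHTML. The `EncryptedInput` class and its method names are hypothetical, and RSA-OAEP from Node's `crypto` module stands in for GPG.

```javascript
// Added model, not KHTML code. EncryptedInput and its methods are hypothetical;
// RSA-OAEP from Node's crypto module stands in for GPG.
const nodeCrypto = require('crypto');

class EncryptedInput {
  #plain = '';          // plaintext lives in a private field scripts cannot read
  #recipientKey = null; // public key of the only party able to decrypt

  // The recipient can only be set once.
  setRecipient(publicKey) {
    if (this.#recipientKey) throw new Error('recipient already set');
    this.#recipientKey = publicKey;
  }

  // Stands in for keystrokes; a browser would accept these only from the user.
  typeFromUser(text) { this.#plain += text; }

  // Script reads always yield ciphertext for the recipient (base64).
  get value() {
    if (!this.#recipientKey) throw new Error('no recipient set');
    const ct = nodeCrypto.publicEncrypt(this.#recipientKey, Buffer.from(this.#plain, 'utf8'));
    return ct.toString('base64');
  }

  // Script writes are rejected, so the typed text cannot be replaced.
  set value(_ignored) { throw new Error('value cannot be set by script'); }
}

const rejects = (fn) => { try { fn(); return false; } catch { return true; } };

function demo() {
  const text = 'constructed sample text';
  const recipient = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const other = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const field = new EncryptedInput();
  field.setRecipient(recipient.publicKey);
  field.typeFromUser(text);

  const seen = Buffer.from(field.value, 'base64'); // what a page script gets
  return {
    leaksPlaintext: seen.includes(Buffer.from(text, 'utf8')),
    decrypted: nodeCrypto.privateDecrypt(recipient.privateKey, seen).toString('utf8'),
    scriptWriteRejected: rejects(() => { field.value = 'forged'; }),
    secondRecipientRejected: rejects(() => field.setRecipient(other.publicKey)),
  };
}
console.log(demo());
```
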