[prev in list] [next in list] [prev in thread] [next in thread]
List: webkit-dev
Subject: Re: [webkit-dev] WebKit position on Web NFC
From: Ryosuke Niwa <rniwa () webkit ! org>
Date: 2020-01-22 9:23:29
Message-ID: CABNRm60Lf-98xdhxQSYTBOyri8_dt9rCDsn8aQ2RS=rRPy+4pA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Wed, Jan 22, 2020 at 12:23 AM Fran=C3=A7ois Beaufort =F0=9F=87=AB=F0=9F=
=87=B7 <
fbeaufort@google.com> wrote:
> Maciej said earlier they could provide more details if desired.
>
Well, you have to tell us what details you're looking for.
Would you have any alternative ideas that would help ordinary people
> understand the full security & privacy implications of granting NFC acces=
s?
>
I can't imagine how given most people don't know what NFC is.
I'll go off a bit on a tangent and say that one of the primary strengths of
the Web is that users can visit any website without the fear of their
computing devices being permanently compromised. Unfortunately, APIs such
as Web NFC, Web USB, Web Serial API would pose new threats for persistent
attacks on external devices exposed by those APIs. If we continue this
path, at some point (or maybe we're already there), the Web will turn into
any other non-Web platform where ordinary users can (or are advised to)
only use well known trusted applications or visit well known trusted
websites just like how native apps work today.
- R. Niwa
On Wed, Jan 22, 2020 at 8:15 AM Ryosuke Niwa <rniwa@webkit.org> wrote:
>
>> I'm not sure what specifics you're looking for but the issue is that we
>> don't believe permission prompt is sufficient mitigation. Ordinary peopl=
e
>> don't understand the full security & privacy implications of granting NF=
C
>> access when asked.
>>
>> - R. Niwa
>>
>> On Wed, Jan 22, 2020 at 12:04 AM Fran=C3=A7ois Beaufort =F0=9F=87=AB=F0=
=9F=87=B7 <
>> fbeaufort@google.com> wrote:
>>
>>> Gentle ping.
>>>
>>> On Mon, Jan 13, 2020 at 12:56 PM Fran=C3=A7ois Beaufort =F0=9F=87=AB=F0=
=9F=87=B7 <
>>> fbeaufort@google.com> wrote:
>>>
>>>> As promised earlier, here's the intent to experiment thread URL we've
>>>> just sent to blink-dev:
>>>> https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/8bsAd=
-PsdbA
>>>>
>>>> It would be greatly appreciated if you could share specifics about you=
r
>>>> decision.
>>>> Some alternative designs would also help moving this discussion forwar=
d.
>>>>
>>>> Thank you,
>>>> Francois.
>>>>
>>>> On Mon, Jan 6, 2020 at 10:48 PM Maciej Stachowiak <mjs@apple.com>
>>>> wrote:
>>>>
>>>>>
>>>>> We oppose this feature and will not implement it.
>>>>>
>>>>> We do not believe a permission prompt is a sufficient mitigation for
>>>>> the serious security and privacy risks raised by this specification. =
In
>>>>> addition, we think exposing direct hardware access to the web is a ba=
d idea
>>>>> and compromises the device-independence of the web platform.
>>>>>
>>>>> We can provide more details if desired but it may take a few days.
>>>>>
>>>>> On Jan 5, 2020, at 11:40 PM, Fran=C3=A7ois Beaufort =F0=9F=87=AB=F0=
=9F=87=B7 <
>>>>> fbeaufort@google.com> wrote:
>>>>>
>>>>> Hello WebKit Dev folks,
>>>>>
>>>>> Following Maciej's invitation to send requests for positions on Web
>>>>> API proposals to webkit-dev, we would like to know WebKit's position =
on Web
>>>>> NFC: https://w3c.github.io/web-nfc/
>>>>>
>>>>> Web NFC aims to provide sites the ability to read and write to nearby
>>>>> NFC devices. The current scope is limited to NDEF, a lightweight bina=
ry
>>>>> message format. Low-level I/O operations with the ISO-DEP protocol an=
d
>>>>> Host-based Card Emulation (HCE) are not supported.
>>>>>
>>>>> FYI, an intent to experiment will be posted soon on blink-dev.
>>>>> I'll update this webkit-dev thread with the URL when done.
>>>>>
>>>>> TAG Review: https://github.com/w3ctag/design-reviews/issues/461
>>>>> Chromestatus URL:
>>>>> https://www.chromestatus.com/features/6261030015467520
>>>>> Mozilla standards-positions:
>>>>> https://github.com/mozilla/standards-positions/issues/238
>>>>>
>>>>> Thank you,
>>>>> Francois.
>>>>> _______________________________________________
>>>>> webkit-dev mailing list
>>>>> webkit-dev@lists.webkit.org
>>>>> https://lists.webkit.org/mailman/listinfo/webkit-dev
>>>>>
>>>>>
>>>>> _______________________________________________
>>> webkit-dev mailing list
>>> webkit-dev@lists.webkit.org
>>> https://lists.webkit.org/mailman/listinfo/webkit-dev
>>>
>>
[Attachment #5 (text/html)]
<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">On Wed, \
Jan 22, 2020 at 12:23 AM François Beaufort 🇫🇷 <<a \
href="mailto:fbeaufort@google.com">fbeaufort@google.com</a>> wrote:<br></div><div \
class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
dir="ltr">Maciej said earlier they could provide more details if \
desired.<br></div></blockquote><div><br></div><div>Well, you have to tell us what \
details you're looking for.</div><div><br></div><blockquote class="gmail_quote" \
style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
dir="ltr">Would you have any alternative ideas that would help ordinary people \
understand the full security & privacy implications of granting NFC \
access?</div></blockquote><div><br></div><div>I can't imagine how given most \
people don't know what NFC is.</div><div><br></div><div>I'll go off a bit on \
a tangent and say that o<font color="#000000">ne of the primary strengths of the Web \
is that users can visit any website without the fear of their computing devices being \
permanently compromised. Unfortunately, APIs such as <span style="caret-color: \
rgb(0, 0, 0);">Web NFC, Web USB, Web Serial API</span> would pose new threats for \
persistent attacks on external devices exposed by those APIs. If we continue this \
path, <span style="caret-color: rgb(0, 0, 0);">at some point (or maybe we're \
already there), </span></font><span style="color:rgb(0,0,0)">the Web will turn into \
any other non-Web platform where ordinary users can (or are advised to) only use well \
known trusted applications or visit well known trusted websites just like how native \
apps work today.</span></div><div><br></div><div>- R. \
Niwa</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jan 22, 2020 at 8:15 AM \
Ryosuke Niwa <<a href="mailto:rniwa@webkit.org" \
target="_blank">rniwa@webkit.org</a>> wrote:<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
dir="ltr"><div>I'm not sure what specifics you're looking for but the issue \
is that we don't believe permission prompt is sufficient mitigation. Ordinary \
people don't understand the full security & privacy implications of granting \
NFC access when asked.</div><div><br></div><div>- R. Niwa</div><div \
dir="ltr"><br></div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On \
Wed, Jan 22, 2020 at 12:04 AM François Beaufort 🇫🇷 <<a \
href="mailto:fbeaufort@google.com" target="_blank">fbeaufort@google.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
dir="ltr">Gentle ping.</div><br><div class="gmail_quote"><div dir="ltr" \
class="gmail_attr">On Mon, Jan 13, 2020 at 12:56 PM François Beaufort 🇫🇷 \
<<a href="mailto:fbeaufort@google.com" \
target="_blank">fbeaufort@google.com</a>> wrote:<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div \
dir="ltr">As promised earlier, here's the intent to experiment thread URL \
we've just sent to blink-dev: <a \
href="https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/8bsAd-PsdbA" \
target="_blank">https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/8bsAd-PsdbA</a><br><br><div>It \
would be greatly appreciated if you could share specifics about your \
decision.</div><div>Some alternative designs would also help moving this discussion \
forward.<br><br>Thank you,</div><div>Francois.<br></div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jan 6, 2020 at 10:48 PM \
Maciej Stachowiak <<a href="mailto:mjs@apple.com" \
target="_blank">mjs@apple.com</a>> wrote:<br></div><blockquote class="gmail_quote" \
style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div><div><br></div>We \
oppose this feature and will not implement it.<div><br></div><div>We do not believe a \
permission prompt is a sufficient mitigation for the serious security and privacy \
risks raised by this specification. In addition, we think exposing direct hardware \
access to the web is a bad idea and compromises the device-independence of the web \
platform.</div><div><br></div><div>We can provide more details if desired but it may \
take a few days.<br><div><br><blockquote type="cite"><div>On Jan 5, 2020, at 11:40 \
PM, François Beaufort 🇫🇷 <<a href="mailto:fbeaufort@google.com" \
target="_blank">fbeaufort@google.com</a>> wrote:</div><br><div><div \
dir="ltr"><div>Hello WebKit Dev folks,</div><div><br>Following Maciej's \
invitation to send requests for positions on Web API proposals to webkit-dev, we \
would like to know WebKit's position on Web NFC: <a \
href="https://w3c.github.io/web-nfc/" \
target="_blank">https://w3c.github.io/web-nfc/</a></div><div><br>Web NFC aims to \
provide sites the ability to read and write to nearby NFC devices. The current scope \
is limited to NDEF, a lightweight binary message format. Low-level I/O operations \
with the ISO-DEP protocol and Host-based Card Emulation (HCE) are not \
supported.<br><br></div><div>FYI, an intent to experiment will be posted soon on \
blink-dev.</div><div>I'll update this webkit-dev thread with the URL when \
done.</div><div><br>TAG Review: <a \
href="https://github.com/w3ctag/design-reviews/issues/461" \
target="_blank">https://github.com/w3ctag/design-reviews/issues/461</a><br>Chromestatus \
URL: <a href="https://www.chromestatus.com/features/6261030015467520" \
target="_blank">https://www.chromestatus.com/features/6261030015467520</a><br>Mozilla \
standards-positions: <a \
href="https://github.com/mozilla/standards-positions/issues/238" \
target="_blank">https://github.com/mozilla/standards-positions/issues/238</a><br><br>Thank \
you,</div><div>Francois.</div></div> \
_______________________________________________<br>webkit-dev mailing list<br><a \
href="mailto:webkit-dev@lists.webkit.org" \
target="_blank">webkit-dev@lists.webkit.org</a><br><a \
href="https://lists.webkit.org/mailman/listinfo/webkit-dev" \
target="_blank">https://lists.webkit.org/mailman/listinfo/webkit-dev</a><br></div></blockquote></div><br></div></div></blockquote></div>
</blockquote></div>
_______________________________________________<br>
webkit-dev mailing list<br>
<a href="mailto:webkit-dev@lists.webkit.org" \
target="_blank">webkit-dev@lists.webkit.org</a><br> <a \
href="https://lists.webkit.org/mailman/listinfo/webkit-dev" rel="noreferrer" \
target="_blank">https://lists.webkit.org/mailman/listinfo/webkit-dev</a><br> \
</blockquote></div></div> </blockquote></div>
</blockquote></div></div></div></div></div>
_______________________________________________
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic