owned this note
owned this note
Published
Linked with GitHub
# Igalia Updates for Decentralized Web Grant
## 2024 Weeks 32-36
Hello, please find the status for the tasks from weeks 32-36 below. We have included a few relevant bits from early this week (week 37). Please let us know if you have any questions.
### Implement the Ed25519 in browsers
* Retaking the patches to address the deriveBit cases with zero value for the length argument
- Analyzing previous discussions in GitHub
- Preparing a proposal to be discussed with Daniel (WebCrypto spec editor)
* Continue working on the proposal to address the deriveBits interop issues with length zero
* Reading the relevant sections of the RFCs referenced by the the affected algorithms
* Discussing with Daniel via email about my proposal
* Scheduled a call for next week (week 37)
* Met with Daniel and the following are highlights from the call:
* Ed25519 random signatures
* not sure if randomizes signatures will be part of an official RFC (likely, will)
* TODO: create an issue to gather opinions from Chromium and Firefox
* PR to change the WPT
* small-order
* easiest way is forget about full correctness, as WebKit and Chrome does.
* propose this as optional
* better to move the discusson to the ITEF and made the changes in the crypto libraries
* deriveBits
* Implement what it's specicied for PBKDF2 & HKDF (PR#275)
* File an issue for ECDH and X25519 so that we throw on any value different than the default curve's length
### Cross-Origin-Embedder policy issue blocking Web Tiles development
* Start the investigation of the Cross-Origin-Embedder policy issue
* Analysis of the HTML spec sections where this headers are defined
* Debugging the test case provided in the bug
* Ideally need a more simple test case
## 2024 Weeks 28 - 31
Hello, please find the status for the tasks from weeks 28-31 below. Please let us know if you have any questions.
### Handling pending WebTransport sessions
* Implementing a more complete solution, as defined in the design document, based on getting the WebTransport server's IP just after the DNS request is resolved
- https://chromium-review.googlesource.com/c/chromium/src/+/5745063 [ REVIEW ]
- Added a new argument to the OnHandshakeFailed method of the WebTransport Mojom interface to pass the server address as an IPEndPoint instance from the network process to the browser process.
- This patch seems to solve the issues detected in the [libp2p demo](https://libp2p-webtransport-sessions.on.fleek.co/)
- During the review, Adam suggested a new approach; we would define a new method OnBeforeConnect to the WebTransport mojom interface to pass the server address just before the UDP connection is created.
- https://chromium-review.googlesource.com/c/chromium/src/+/5756508 [ WIP ]
### Implement the Ed25519 in browsers**
* Fixing the interoperability issues of the deriveBits operation and it's 'length' parameter
- Blink implementation
- Make the deriveBits length as optional
- https://issues.chromium.org/issues/40265696
- https://chromium-review.googlesource.com/c/chromium/src/+/5686232 \[ REVIEW \]
- Implementing a patch for the case of length=0 in HKDF algorithms
- https://issues.chromium.org/issues/352364580
- https://chromium-review.googlesource.com/c/chromium/src/+/5729992 \[ REVIEW \]
- WebKit implementation
- Make the deriveBits length as optional
- https://bugs.webkit.org/show_bug.cgi?id=276331 [ FIXED ]
- Implementing a patch for the case of length=0 in HKDF algorithms
- https://bugs.webkit.org/show_bug.cgi?id=276394
- https://github.com/WebKit/WebKit/pull/30667 \[ REVIEW \]
- Gecko implementation
- Make the deriveBits length as optional
- https://bugzilla.mozilla.org/show_bug.cgi?id=1793429
- https://phabricator.services.mozilla.com/D217532 \[ REVIEW \]
## 2024 Weeks 24 - 27
Hello, please find the status for the tasks from weeks 24-27 below. Please let us know if you have any questions.
### Handling pending WebTransport sessions
- Prepared a deb package with the strategy pattern and the runtime flag
- ["Consider the origin on the WebTransport throttle" Prototype](https://chromium-review.googlesource.com/c/chromium/src/+/5600351)
- Addressing review feedback from Adam (Google) in regards to the MVP patch.
- Implemented a small-refactoring in preparation for the origin-based throttling approach
- https://chromium-review.googlesource.com/c/chromium/src/+/5664914 [ MERGED ]
### Support Extensions in custom protocols
- Completed the [design document](https://docs.google.com/document/d/1e6mSsbjLqBd1_4EAS_AX543vy53oq8SlycNwQ0mZ46g/edit?usp=sharing) with the permissions management and conflict resolutions
- Shared the design document with Google for feedback.
- Expecting to make more progress with this over the next month.
### Implement the Ed25519 in browsers
* Resume the efforts to push forward the issues blocking the intent-to-ship request
- https://github.com/w3c/webcrypto/pull/362
+ how to manage small-order points
+ randomized EdDSA signatures
- https://github.com/w3c/webcrypto/pull/345
+ deriveBits interoperability
* Sent emails to Apple, Mozilla and Google about the different issues
* The [PR#345](https://github.com/w3c/webcrypto/pull/345) to resolve the interop issues of the deriveBits operation has been merged
- update my [PR](https://github.com/web-platform-tests/wpt/pull/43400) with the new tests considering the new behavior
* Implementing the changes in the algorithms with the deriveBits operation to support optional length parameter
- https://chromium-review.googlesource.com/c/chromium/src/+/5686232 [REVIEW]
- https://github.com/WebKit/WebKit/pull/30667 [ REVIEW ]
* Google asked to solve the interop issue regarding HKDF and length=0 in a separate issue
- The [PR](https://github.com/w3c/webcrypto/pull/275) to change the spec was back in 2021 and both Safari and Firefox implement that behavior
## 2024 Weeks 19 - 23
Hello, Please find below the status summary for the tasks from wk19-23 of 2024. Please let us know if you have any questions.
**Support Extensions in custom protocols**
* Continue working on the design document
- https://docs.google.com/document/d/1e6mSsbjLqBd1_4EAS_AX543vy53oq8SlycNwQ0mZ46g/edit?usp=sharing
- permissions management
- security considerations
- alternatives considered
* Shared the design document with google
- asking also for early feedback on the Extension API prototype
**Handling pending WebTransport sessions**
* Prototyping the origin's hashmap as the first mitigation issue
- Implementation of strategy pattern, under a runtime flag
- https://chromium-review.googlesource.com/c/chromium/src/+/5577378
- https://chromium-review.googlesource.com/c/chromium/src/+/5587497
* Implementation of a MVP and asked Google engineers for an early review
- https://chromium-review.googlesource.com/c/chromium/src/+/5600351
* Provided a prebuilt Linux binary of Chromium with my prototype
**New blog post about the WebCrypto related work**
* First draft of the blog post
- Summary about the current status and focus on the blockers for the intent-to-ship
## 2024 Weeks 13 - 18
Hello, Please find below the status summary for the tasks from wk13-18 of 2024. Please let us know if you have any questions.
**Support Extensions in custom protocols**
* Competed the analysis of the PWAs as Protocol Handlers feature's logic
- https://docs.google.com/document/d/1e6mSsbjLqBd1_4EAS_AX543vy53oq8SlycNwQ0mZ46g/edit?userstoinvite=steph.stimac@gmail.com&sharingaction=manageaccess&role=writer#heading=h.brfyb0wbqzmg
- permissions before registering the protocol handlers
- integration with the Chromium's external handlers logic
- OS integration layer
* Implemented a prototype
- new approach, based on the //components/custom_hadnlers, to share the logic used by the registerProtocolHander HTML API
- https://chromium-review.googlesource.com/c/chromium/src/+/5518971
risks/challenges
- could be perceived as a origin policy bypass
- argument was that pwa can do it
- but pwa model is not about redirecting network reqs
- maybe custom protocol is less dangerous - visually says it's doing non-http stuff, vs extensions that have cross-origin but have no user interface
- sec review is easier/clearer for vendors/market
- pwa shim: reduces new stuff to implement by vendors
**Implement the Ed25519 in browsers**
* Working on the interoperability issues of the deriveBits operation
- Fixed a bug in some of the histograms added for this feature
+ https://chromium-review.googlesource.com/c/chromium/src/+/5328466 \[ LANDED \]
* Continue the discussion about the PR to merge the Curve25519 algorithms in the Web Cryptography API specification
- https://github.com/w3c/webcrypto/pull/362
## 2024 Weeks 10 - 12
Hello, Please find below the status summary for the tasks from wk10-12 of 2024. Please let us know if you have any questions.
**Implement the Ed25519 in browsers**
- recap of the blockers for the intent-to-ship
- https://github.com/w3c/webcrypto/pull/362
- refactoring of the EdDSA WPT tests
- https://github.com/web-platform-tests/wpt/pull/44719
- Attended the WepAppSec WG meeting to talk about the PR to merge the Curve25519 algorithms
**Handling pending WebTransport sessions**
- Working on the design document
- https://docs.google.com/document/d/1j2NJqLQyAHSBZArW6Iwg8uVId3NGQxnBV7b9LYbd8FM/edit#heading=h.numlu03ovx44
- Sent the email to the blink-networking-dev mailing list
- https://groups.google.com/a/chromium.org/d/msgid/blink-network-dev/932783a5-d2cf-4f6a-b7a0-88d7212d9ec1%40igalia.com
**Support Extensions in custom protocols**
- doing a recap of the proposal lidel outlined to implement a service-worker fetch listener
- https://github.com/ipfs/in-web-browsers/issues/212
- Start a new design doc for the implementation of the protocol handler registration at install time
- https://docs.google.com/document/d/1e6mSsbjLqBd1_4EAS_AX543vy53oq8SlycNwQ0mZ46g/edit#heading=h.brfyb0wbqzmg
- Resume the prototyping efforts (will share the code soon)
- Evaluating ways to use the PWAs ManifestManage
+ discard the use of the PWAs ManifestManager since its architecture (happening on the renderer process) doesn't fix well with how the WebExtensions logic is implemented.
- going back to the regular ManifestHander based parsing
+ focusing now on usins the custom_handlers component and share the PWAs permissions logic if possible
**Firefox support for WebTransport transport**
- Attending the Web Transport WG meeting to talk about the need of WPT
- https://github.com/w3c/webtransport/issues/589
## 2024 Weeks 08 - 09
Hello, Please find below the status summary for the tasks from wk08-09 of 2024. Please let us know if you have any questions.
**Implement the Ed25519 in browsers**
* Anne (WebKit) asked me last Friday to bring the Curve25519 algorithms into the WebAppSec WG
- he thinks it would be good to unblock the shipment of the feature
- Review the PR by Daniel to merge the Curve25519 into the Web Cryptography API specification
- https://github.com/w3c/webcrypto/pull/362
* Fixing some wrong tests in the Ed25519 cases
- https://github.com/web-platform-tests/wpt/pull/44719 [ REVIEW ]
* Filed a bug against BoringSSL to request additional checks for the of small-order points in the Ed25519 algorithm
- https://bugs.chromium.org/p/boringssl/issues/detail?id=697&
- David Ben replied that this issue is extremely low priority and thinks that the Web Crypto implementation should stick to what the platform's library provides.
* Continue working on the deriveBts interoperability issues
- investigating a possible bug in the UMAs implementation
- https://chromium-review.googlesource.com/c/chromium/src/+/5328466 [ REVIEW ]
- The counter for the '0' value seems correct, so the lack of data may imply no usage at all, which would be good news since we want to merge a PR in the spec that would change WebKit's behavior on that use case.
- https://chromestatus.com/metrics/feature/timeline/popularity/4745
- https://chromestatus.com/metrics/feature/timeline/popularity/4746
**Firefox support for WebTransport transport**
* Review the patch to complete the implementation of the serverCertificateHash feature
- https://bugzilla.mozilla.org/show_bug.cgi?id=1873263
- This bug has been fixed by an external contributor and it's been merged already
- https://phabricator.services.mozilla.com/D197857
* Still working on the WPT for this feature
- Filed an issue for the Web Transport WG
- https://github.com/w3c/webtransport/issues/589
- It's going to be discussed in the next meeting
- https://www.w3.org/wiki/WebTransport/Meetings2023#WebTransport_Bi-weekly_Virtual_Meeting_#76_early_-_March_12,_2024
**Handling pending WebTransport sessions**
* continue with the analysis of the too many pending WebTransport connections issues
* Meeting with lidel about the WebTransport bug related to the pending handshake requests
- brainstorming about the test case and possible approaches
* start working on the design document
* https://docs.google.com/document/d/1j2NJqLQyAHSBZArW6Iwg8uVId3NGQxnBV7b9LYbd8FM/edit?usp=sharing
## 2024 Weeks 06 - 07
Hello, Please find below the status summary for the tasks from wk06-07 of 2024. Please let us know if you have any questions.
**Implement the Ed25519 in browsers**
* Continue the discussion about the interoperability issues related to the deriveKey length
- https://github.com/w3c/webcrypto/issues/322
- https://github.com/w3c/webcrypto/issues/329
- New tentative Web Platform Tests
- https://github.com/web-platform-tests/wpt/pull/43400 [ REVIEW ]
- Conversation with David Ben (Google) about the UMAs we added last year to evaluate the use of the value '0' as deriveKey's length
+ https://chromestatus.com/metrics/feature/timeline/popularity/4745
+ https://chromestatus.com/metrics/feature/timeline/popularity/4746
+ It seems there must be a bug, since we've got no data so far
* Discussion about the use if small-order key in Ed25519 signatures
- New Web Platform tests, thanks to the test vectors found in a paper
- https://github.com/web-platform-tests/wpt/pull/43751 [ MERGED ]
- Discussed with the spec editor some changes in the spec
- https://github.com/WICG/webcrypto-secure-curves/issues/19
- https://github.com/WICG/webcrypto-secure-curves/pull/25 [ MERGED ]
* Reactivate the issue about the removal of the 'alg' JWK field from the import operation's logic
- https://bugs.webkit.org/show_bug.cgi?id=262613
- https://issues.chromium.org/issues/40074061
**Firefox support for WebTransport transport**
* retake the review of the patch to complete the serverCertificateHashes feature
- https://bugzilla.mozilla.org/show_bug.cgi?id=1873263
* filed an WebTransposrt issue for the lack of WPT
- https://github.com/w3c/webtransport/issues/589
**Handling pending WebTransport sessions**
* Preliminary analysis of the demo, the test cases provided and the discussion in the issue tracker
* Contacted Google's engineer that owns the bug to ask about the current status and their plans
- It seems that there is no plans to do any work on this feature, but they offered help with reviews
- They asked for a design do before to discuss any potential approach
## 2024 Weeks 01 - 05
Hello, Please find below the status summary for the tasks from wk01-05 of 2024. Please let us know if you have any questions.
**Firefox support for WebTransport transport**
- The patch with the serverCertificateHas implementation has landed, but someone filed a bug claiming the implementation is not complete according to the specs
- https://bugzilla.mozilla.org/show_bug.cgi?id=1873263
- help with the reviews
- Continue working on the WPT
- trying to figure out a way to use the WPT HTTP server's certificate from the tests
- Investigating why the test fail in Chrome (shows an error during handshaking logic)
- the problem was that the spec, which Chrome implements completely, requires a maximum of 14 days validity for the certificate and doesn't allow RSA
- discussion in the WPT channel about the problems we have and changes needed in the testing infrastructure
- gathering feedback among the browser engineers that own the feature
- Exploring the server substitutions to make the hash fingerprint be resolved at execution time
## 2023 Weeks 50 - 52
Hello, Please find below the status summary for the tasks from wk50-52 of 2023. Please let us know if you have any questions.
**Implement the Ed25519 in browsers**
* Fixing the interoperability issues in the deriveBits method
- Change X25519´s behavior to match the current spec
+ https://chromium-review.googlesource.com/c/chromium/src/+/5013612 [ LANDED ]
- There is an ongoing discussion about this that eventually will imply another change in all the algorithms providing the deriveBits implementation (HKDF, PBKDF2, ECDH and X25519)
+ https://github.com/w3c/webcrypto/issues/322
- Implementing new WPT with new test cases for the deriveBits operation
+ https://github.com/web-platform-tests/wpt/pull/43400
* Analyzing the discussion in the bug about the "JWK" field removal
- https://issues.chromium.org/issues/40074061
- https://bugs.webkit.org/show_bug.cgi?id=262613
- There are patches to fix these 2 bugs, but they are blocked until we get an agreement
+ https://chromium-review.googlesource.com/c/chromium/src/+/5054207 [ REVIEW ]
+ https://github.com/WebKit/WebKit/pull/21006 [ REVIEW ]
* Additional checks against the use of small-order points in EdDSA signatures
- https://issues.chromium.org/issues/40251305
- Working on new WPT for these cases
+ https://github.com/web-platform-tests/wpt/pull/43751
These 3 issues are the ones blocking the intent-to-ship on Chrome, and probably in Safari as well.
**Firefox support for WebTransport transport**
* Initial implementation in Firefox of the serverCertificateHash feature of the Web Transport spec
- https://phabricator.services.mozilla.com/D195966 [ LANDED ]
* Evaluating possible WPT based on Chrome's internal tests
- investigating how to deal with the WPT https server certificates
- the problem is that the spec, which Chrome implements completely, requires a maximum of 14 days validity for the certificate and doesn't allow RSA
- exploring the server substitutions to make the hash fingerprint be resolved at execution time
* someone filed a bug claiming the implementation is not complete according to the specs
- https://bugzilla.mozilla.org/show_bug.cgi?id=1873263
- The initial implementation was incomplete; we need a specific certificate validators to fulfill the requirements of the spec
+ https://w3c.github.io/webtransport/#custom-certificate-requirements
+ the certificate MUST be an X.509v3 certificate as defined in [RFC5280]
+ the key used in the Subject Public Key field MUST be one of the allowed public key algorithms
+ the current time MUST be within the validity period of the certificate as defined in Section 4.1.2.5 of [RFC5280]
+ the total length of the validity period MUST NOT exceed two weeks
+ Some external contributor is working on it and asked me for reviews
* filed an WebTransposrt issue for the lack of WPT
- https://github.com/w3c/webtransport/issues/589