Discussion:
[chromium-discuss] To-content-element encryption
Dan Frost
2018-10-24 06:19:10 UTC
Permalink
Hi all,

I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.

Is there are team who looks at end-to-end encryption / security? If so, I'd
like to contribute.

Thanks,
Dan
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
PhistucK
2018-10-24 06:54:47 UTC
Permalink
You basically want that B2 will not be able to read B1 content, but that B2
will be able to modify B1 content?
I do not think such a concept exists logically (in order to modify, you
have to know what is already there).

I guess write-only (not modify) might be feasible, but in that case, you
basically create a new content (B2 content).

☆*PhistucK*
Post by Dan Frost
Hi all,
I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.
Is there are team who looks at end-to-end encryption / security? If so,
I'd like to contribute.
Thanks,
Dan
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups
"Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
Dan Frost
2018-10-24 07:03:24 UTC
Permalink
Not quite.

What I mean is:

- Suppose B1 is my bank and B2 is an app
- B2 wants to display information from my bank (B1) to me but I don't want
B1 ever to see the detail of that. So, I am happy that they lay out the
information from the bank and even define calculations, but I want the
laying out of the real content (balance, transactions etc) and any
calculations to happen in my client (e.g. Chrome) inside a sandbox that B2
can't access.

I think I'm describing it badly. So I'll try again:

As a consumer, granting access to my bank or other data is high risk / high
trust. I want to know who is seeing the data. But what if the person (B2)
I'm granting access to only has an encrypted version of that? It would have
to be in form that behaves like a type - e.g. `EncryptedStringObject` which
has length etc, but can't reveal it's content.

This is what made me think of it:
https://www.google.com/url?q=https://decentralize.today/why-we-havent-figured-out-client-side-encryption-right-yet-857d6c8495d3?source%3DuserActivityShare-fdbed1013dbe-1540031166&source=gmail&ust=1540450846391000&usg=AFQjCNENXbr5NH3StgDPzTLbcYP2gD9KDw

Also another scenario at work whereby we (as the B1) want to provide
content to the consumer and we have to do it through B2, but we would
really love it if B2 never saw an unencrypted version of the content
because they could steal it.

It Chrome could build a node-level sandbox like that (which I'd like to try
and do), that would be hugely powerful.

Did I make any sense?!
Post by PhistucK
You basically want that B2 will not be able to read B1 content, but that
B2 will be able to modify B1 content?
I do not think such a concept exists logically (in order to modify, you
have to know what is already there).
I guess write-only (not modify) might be feasible, but in that case, you
basically create a new content (B2 content).
☆*PhistucK*
Post by Dan Frost
Hi all,
I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.
Is there are team who looks at end-to-end encryption / security? If so,
I'd like to contribute.
Thanks,
Dan
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups
"Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
PhistucK
2018-10-24 07:10:24 UTC
Permalink
Well, I am sure you know it, but such a protection exists... <iframe> (or
the futuristic portals, but I think they are very similar to <iframe>).
Perhaps a closed Shadow DOM (maybe in combination with the upcoming
ECMAScript Realms and/or getOriginalMember) could be relevant, though
probably not.

☆*PhistucK*
Post by Dan Frost
Not quite.
- Suppose B1 is my bank and B2 is an app
- B2 wants to display information from my bank (B1) to me but I don't want
B1 ever to see the detail of that. So, I am happy that they lay out the
information from the bank and even define calculations, but I want the
laying out of the real content (balance, transactions etc) and any
calculations to happen in my client (e.g. Chrome) inside a sandbox that B2
can't access.
As a consumer, granting access to my bank or other data is high risk /
high trust. I want to know who is seeing the data. But what if the person
(B2) I'm granting access to only has an encrypted version of that? It would
have to be in form that behaves like a type - e.g. `EncryptedStringObject`
which has length etc, but can't reveal it's content.
https://www.google.com/url?q=https://decentralize.today/why-we-havent-figured-out-client-side-encryption-right-yet-857d6c8495d3?source%3DuserActivityShare-fdbed1013dbe-1540031166&source=gmail&ust=1540450846391000&usg=AFQjCNENXbr5NH3StgDPzTLbcYP2gD9KDw
Also another scenario at work whereby we (as the B1) want to provide
content to the consumer and we have to do it through B2, but we would
really love it if B2 never saw an unencrypted version of the content
because they could steal it.
It Chrome could build a node-level sandbox like that (which I'd like to
try and do), that would be hugely powerful.
Did I make any sense?!
Post by PhistucK
You basically want that B2 will not be able to read B1 content, but that
B2 will be able to modify B1 content?
I do not think such a concept exists logically (in order to modify, you
have to know what is already there).
I guess write-only (not modify) might be feasible, but in that case, you
basically create a new content (B2 content).
☆*PhistucK*
Post by Dan Frost
Hi all,
I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.
Is there are team who looks at end-to-end encryption / security? If so,
I'd like to contribute.
Thanks,
Dan
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google
Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups
"Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
Dan Frost
2018-10-24 07:12:49 UTC
Permalink
I wondered about iframe, but the B2 has to be able to manipulate (layout,
perhaps do calculations etc) which the iframe sandbox prevents.
I'll look into the closed shadow DOM idea, but I don't think that's quite
the same either.
Post by PhistucK
Well, I am sure you know it, but such a protection exists... <iframe> (or
the futuristic portals, but I think they are very similar to <iframe>).
Perhaps a closed Shadow DOM (maybe in combination with the upcoming
ECMAScript Realms and/or getOriginalMember) could be relevant, though
probably not.
☆*PhistucK*
Post by Dan Frost
Not quite.
- Suppose B1 is my bank and B2 is an app
- B2 wants to display information from my bank (B1) to me but I don't
want B1 ever to see the detail of that. So, I am happy that they lay out
the information from the bank and even define calculations, but I want the
laying out of the real content (balance, transactions etc) and any
calculations to happen in my client (e.g. Chrome) inside a sandbox that B2
can't access.
As a consumer, granting access to my bank or other data is high risk /
high trust. I want to know who is seeing the data. But what if the person
(B2) I'm granting access to only has an encrypted version of that? It would
have to be in form that behaves like a type - e.g. `EncryptedStringObject`
which has length etc, but can't reveal it's content.
https://www.google.com/url?q=https://decentralize.today/why-we-havent-figured-out-client-side-encryption-right-yet-857d6c8495d3?source%3DuserActivityShare-fdbed1013dbe-1540031166&source=gmail&ust=1540450846391000&usg=AFQjCNENXbr5NH3StgDPzTLbcYP2gD9KDw
Also another scenario at work whereby we (as the B1) want to provide
content to the consumer and we have to do it through B2, but we would
really love it if B2 never saw an unencrypted version of the content
because they could steal it.
It Chrome could build a node-level sandbox like that (which I'd like to
try and do), that would be hugely powerful.
Did I make any sense?!
Post by PhistucK
You basically want that B2 will not be able to read B1 content, but that
B2 will be able to modify B1 content?
I do not think such a concept exists logically (in order to modify, you
have to know what is already there).
I guess write-only (not modify) might be feasible, but in that case, you
basically create a new content (B2 content).
☆*PhistucK*
Post by Dan Frost
Hi all,
I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.
Is there are team who looks at end-to-end encryption / security? If so,
I'd like to contribute.
Thanks,
Dan
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google
Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups
"Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
PhistucK
2018-10-24 07:46:58 UTC
Permalink
It has to be a cooperation between the two websites.
B1 can send (and get) messages to its B2 parent (
window.parent.postMessage(...)) with the relevant values (I assume "do
calculations" refer to layout calculations and not financial calculations),
like the width, height, left, top, right and bottom of the content or
anything else you need.

☆*PhistucK*
Post by Dan Frost
I wondered about iframe, but the B2 has to be able to manipulate (layout,
perhaps do calculations etc) which the iframe sandbox prevents.
I'll look into the closed shadow DOM idea, but I don't think that's quite
the same either.
Post by PhistucK
Well, I am sure you know it, but such a protection exists... <iframe> (or
the futuristic portals, but I think they are very similar to <iframe>).
Perhaps a closed Shadow DOM (maybe in combination with the upcoming
ECMAScript Realms and/or getOriginalMember) could be relevant, though
probably not.
☆*PhistucK*
Post by Dan Frost
Not quite.
- Suppose B1 is my bank and B2 is an app
- B2 wants to display information from my bank (B1) to me but I don't
want B1 ever to see the detail of that. So, I am happy that they lay out
the information from the bank and even define calculations, but I want the
laying out of the real content (balance, transactions etc) and any
calculations to happen in my client (e.g. Chrome) inside a sandbox that B2
can't access.
As a consumer, granting access to my bank or other data is high risk /
high trust. I want to know who is seeing the data. But what if the person
(B2) I'm granting access to only has an encrypted version of that? It would
have to be in form that behaves like a type - e.g. `EncryptedStringObject`
which has length etc, but can't reveal it's content.
https://www.google.com/url?q=https://decentralize.today/why-we-havent-figured-out-client-side-encryption-right-yet-857d6c8495d3?source%3DuserActivityShare-fdbed1013dbe-1540031166&source=gmail&ust=1540450846391000&usg=AFQjCNENXbr5NH3StgDPzTLbcYP2gD9KDw
Also another scenario at work whereby we (as the B1) want to provide
content to the consumer and we have to do it through B2, but we would
really love it if B2 never saw an unencrypted version of the content
because they could steal it.
It Chrome could build a node-level sandbox like that (which I'd like to
try and do), that would be hugely powerful.
Did I make any sense?!
Post by PhistucK
You basically want that B2 will not be able to read B1 content, but
that B2 will be able to modify B1 content?
I do not think such a concept exists logically (in order to modify, you
have to know what is already there).
I guess write-only (not modify) might be feasible, but in that case,
you basically create a new content (B2 content).
☆*PhistucK*
Post by Dan Frost
Hi all,
I'm interested in learning about encryption and security in Chrome /
Chromium. My motivation is from a recent work project to secure content
between two business and an end customer (the human); think of it as B2B2C
where I don't want the B in the middle to be able to see any of the content
but they do have to manipulate the display fo the content from the first B
before it's shown to the C.
Is there are team who looks at end-to-end encryption / security? If
so, I'd like to contribute.
Thanks,
Dan
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google
Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send
--
--
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google
Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send
--
--
Chromium Discussion mailing list: chromium-***@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+***@chromium.org.
Loading...