
JSON-LD Context security considerations #21

Open
msporny opened this issue Jan 13, 2014 · 2 comments


msporny commented Jan 13, 2014

We should elaborate on the requirement for payment processors to cache the JSON-LD contexts used for performing financial transfers (or any sort of operation that has legal ramifications or could be used for theft if corrupted).

Manu Sporny wrote:

Talking specifically about the PaySwarm JSON-LD context, it will always
be built into the software due to attack vectors through the JSON-LD
context if the w3id.org website or the web-payments.org website were to
ever be compromised. It's possible to reverse transactions by switching
the meaning of "source" and "destination" in a PaySwarm transaction. To
protect against that attack, PaySwarm payment processor software always
uses local, verified, up-to-date copies of all JSON-LD contexts used for
financial transaction purposes.

Elf Pavlik wrote:

Very interesting! Does it stand somewhere in 'Security Considerations' of one of Web Payments specs? Might make sense to put it somewhere around: https://web-payments.org/specs/source/web-payments/#the-transaction-algorithm

The discussion started here: http://lists.w3.org/Archives/Public/public-webpayments/2013Dec/0098.html

@ghost ghost assigned msporny Jan 13, 2014
@elf-pavlik
Contributor

Maybe adding something like contextHash to JSON-LD would also help later on with contexts for web-identity etc.?


msporny commented Jan 13, 2014

Well, the problem w/ contextHash (we've considered doing something like it before), is that you can layer other JSON-LD contexts on top of base contexts. So, someone could have a context line that looks something like this:

'@context': ['https://w3id.org/payswarm/v1', 'https://mycontext.org/foo/v1']

What would the context hash for that be? If the context hashes don't match, should the entire operation fail? What if the term was not used in the message?

We answered those questions like so: there shouldn't be context hashes because they're brittle. The operation should succeed as long as the data that both sides are expressing is the same (and you can verify that it is the same by running the JSON-LD expand operation). If the term isn't used in the message, and the data that both sides are communicating matches, then the operation should succeed.
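The two points made in this thread, pinning contexts locally so a compromised context host cannot swap "source" and "destination", and comparing expanded forms rather than context hashes, as an added example. This is not code from the PaySwarm / web-payments project or from a JSON-LD library: it is a small, offline-only term expander that handles just enough of JSON-LD (term and prefix definitions, `@id` coercion, `@context` as a string or list) to show the behaviour. The context documents, IRIs under `https://w3id.org/payswarm#`, the `https://mycontext.org/foo/v1` context and the transaction messages are all constructed for illustration; a real processor would use a full JSON-LD implementation with a loader that refuses anything not in its cache.

```python
"""Added example: local-only JSON-LD expansion vs. a hash over '@context'.

Only a subset of JSON-LD expansion is implemented (flat term -> IRI
definitions, prefixes, '@id' coercion, '@context' as string or list).
All contexts, IRIs and messages are constructed for illustration.
"""
import hashlib
import json

# Constructed "known good" contexts, shipped built into the processor.
PINNED_CONTEXTS = {
    "https://w3id.org/payswarm/v1": {
        "ps": "https://w3id.org/payswarm#",
        "Transfer": "ps:Transfer",
        "source": {"@id": "ps:source", "@type": "@id"},
        "destination": {"@id": "ps:destination", "@type": "@id"},
        "amount": "ps:amount",
    },
    # Constructed third-party context; the sample messages never use its terms.
    "https://mycontext.org/foo/v1": {"foo": "https://mycontext.org/foo#"},
}

# Constructed: what a compromised context host could serve at the same URL,
# with the "source" and "destination" definitions swapped.
TAMPERED_CONTEXTS = {
    "https://w3id.org/payswarm/v1": {
        **PINNED_CONTEXTS["https://w3id.org/payswarm/v1"],
        "source": {"@id": "ps:destination", "@type": "@id"},
        "destination": {"@id": "ps:source", "@type": "@id"},
    },
}


class UnknownContextError(Exception):
    """A context IRI is not in the local cache; nothing is ever fetched."""


def load_context(value, cache):
    """Merge a '@context' value (IRI, list, or inline dict) from CACHE only."""
    merged = {}
    for item in value if isinstance(value, list) else [value]:
        if isinstance(item, dict):
            merged.update(item)
        elif item in cache:
            merged.update(cache[item])
        else:
            raise UnknownContextError(item)
    return merged


def expand_iri(value, ctx):
    """Expand a term or compact IRI such as 'ps:source' to an absolute IRI."""
    defn = ctx.get(value)
    if defn is not None:
        value = defn["@id"] if isinstance(defn, dict) else defn
    prefix, sep, suffix = value.partition(":")
    if sep and isinstance(ctx.get(prefix), str):
        return ctx[prefix] + suffix
    return value


def expand(doc, cache):
    """Expanded form of DOC: every key an absolute IRI, every value a list."""
    ctx = load_context(doc.get("@context", []), cache)
    out = {}
    for key, val in doc.items():
        if key == "@context":
            continue
        if key == "@id":
            out["@id"] = expand_iri(val, ctx)
        elif key == "@type":
            out["@type"] = [expand_iri(val, ctx)]
        else:
            iri = expand_iri(key, ctx)
            if ":" not in iri:  # undefined term: dropped, as JSON-LD does
                continue
            defn = ctx.get(key)
            if isinstance(defn, dict) and defn.get("@type") == "@id":
                out[iri] = [{"@id": expand_iri(val, ctx)}]
            else:
                out[iri] = [{"@value": val}]
    return out


def same_data(a, b, cache):
    """The check described in the thread: equal expanded forms, equal data."""
    return (json.dumps(expand(a, cache), sort_keys=True)
            == json.dumps(expand(b, cache), sort_keys=True))


def context_hash(doc):
    """The 'contextHash' idea: a digest over the '@context' value alone."""
    raw = json.dumps(doc.get("@context"), sort_keys=True).encode()
    return hashlib.sha256(raw).hexdigest()


def parties(doc, cache):
    """(source, destination) as the processor reads them after expansion."""
    ex, ps = expand(doc, cache), "https://w3id.org/payswarm#"
    return ex[ps + "source"][0]["@id"], ex[ps + "destination"][0]["@id"]


# Constructed sample transfer, and the same data with a second context layered.
TRANSFER = {
    "@context": "https://w3id.org/payswarm/v1",
    "@id": "https://example.com/transactions/1",
    "@type": "Transfer",
    "source": "https://example.com/accounts/alice",
    "destination": "https://example.com/accounts/bob",
    "amount": "10.00",
}
TRANSFER_LAYERED = {**TRANSFER, "@context": [
    "https://w3id.org/payswarm/v1", "https://mycontext.org/foo/v1"]}
```

With the pinned cache, `parties(TRANSFER, PINNED_CONTEXTS)` reads alice as the source and bob as the destination; against the tampered context the same bytes expand to the reverse, which is exactly the attack the first comment describes. `context_hash` differs between `TRANSFER` and `TRANSFER_LAYERED` even though `same_data` reports them equal, and a message referencing a context that is not in the cache raises `UnknownContextError` instead of triggering a fetch.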
