W3C home > Mailing lists > Public > public-credentials@w3.org > April 2016

Re: WebCrypto - In "progress" since 2012

From: Randall Leeds <randall.leeds@gmail.com>
Date: Sat, 30 Apr 2016 00:02:01 +0000
Message-ID: <CAAL6JQg7Nq=Ne69FKPLTvLv344YdJJuSjU6tx8QQ=zDA4FMu7A@mail.gmail.com>
To: Timothy Holborn <timothy.holborn@gmail.com>, Anders Rundgren <anders.rundgren.net@gmail.com>, Web Payments CG <public-webpayments@w3.org>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
Pieces of WebCrypto land in every new release of these major browsers and
the post you refer to is taking stock of things that are remaining barriers
to interoperability.

Just this past week, Firefox 46, "Added HKDF support for Web Crypto API
<https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API>".

>From my vantage point, WebCrypto is happening.

Does the progress disappoint you? Why? What's your rush?

More importantly, how is your vague complaining supposed to be in any way
helpful?

What are we supposed to take away from your message?

On Fri, Apr 29, 2016 at 1:56 AM Timothy Holborn <timothy.holborn@gmail.com>
wrote:

> imho cryptography that is highly secure from un-intended use seemed
> interesting yet difficult to find means to work collaboratively on the
> stuff that would otherwise be considered 'low hanging fruit'. So, when
> thinking about it from a modern context - i also took into account quantum
> computing capabilities as to consider meaningfully concepts surrounding the
> principle of 'rule of law' where i noted today the following text
>
> There is no single agreed definition of the rule of law. However, there is
> a basic core definition that has near universal acceptance.
>
> As Emeritus Professor Geoffrey Walker, has written in his defining work on
> the rule of law in Australia: ‘…most of the content of the rule of law can
> be summed up in two points:
>
> (1) that the people (including, one should add, the government) should be
> ruled by the law and obey it and
>
> (2) that the law should be such that people will be able (and, one should
> add, willing) to be guided by it.’
>
> – Geoffrey de Q. Walker, The rule of law: foundation of constitutional
> democracy, (1st Ed., 1988).
>
>
> Source: http://www.ruleoflaw.org.au/principles/
>
>
> also, IMHO: It's that concept of a 'human centric web' that's most
> difficult to discover.   Yet in consideration - the way most people (who
> are old enough to remember) started on the web with trumpet winsock[2] -
> not something that was packaged with the OS (without going into the really
> old stuff...).
>
> Now therefore; When considering the concept of the map [3] I've been
> thinking about the differences or nuances between the goals of building a
> web for documents (ie: web 1/2) and one for data ("web 3").  If a 'trumpet
> winsock' to deal with the ID/Crypto issues were produce today, what would
> it do and how could it be packaged?  How would solve the very diverse
> issues that relate to the problem-domain?
>
> I guess underlying it all is a need to acknowledge that decisions are
> being made about processes that are being put into the hands of various
> parties and pending the architectural decisions of those designs; we'll
> end-up with different social outcomes regardless of 'who wins' the more
> myopically definitive process  as to have successfully completed the
> project.   Equally; i'm probably better off coding rather than thinking and
> well, the work done here has been rather awesome; so perhaps it's just my
> expectations that need to be adjusted...  that balance between doing your
> best and living with humility / being human.
>
> I think more work needs to go into producing interoperablity with SoLiD[4]
> solutions.  For me the process of trying to bring the two worlds together
> seems really very daunting...
>
> Tim.H
>
> [1] https://en.wikipedia.org/wiki/Lattice-based_cryptography
> [2] http://thanksfortrumpetwinsock.com/
> [3] https://www.w3.org/2007/09/map/main.jpg
> [4] https://github.com/solid/
>
>
> On Tue, 19 Apr 2016 at 15:33 Anders Rundgren <
> anders.rundgren.net@gmail.com> wrote:
>
>> https://lists.w3.org/Archives/Public/public-webcrypto/2016Jan/0022.html
>>
>> And still no interoperable standard.
>>
>> Making it possible extending browsers through Apps seems like a much
>> easier way keeping the Web alive and kicking.
>> Insurmountable security issues?  No, Google and Microsoft have solved
>> these in Web Payments; they just haven't shared their findings with us.
>>
>> Anders
>>
>>
Received on Saturday, 30 April 2016 00:02:41 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:28 UTC