W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: Last call for public comments on Web Crypto charter

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Fri, 18 Nov 2011 05:34:55 +0000
Message-ID: <4EC5EE7F.7070003@cs.tcd.ie>
To: Harry Halpin <hhalpin@w3.org>
CC: public-identity@w3.org

I've very happy to see how this process has gone and the
resulting charter. I have two comments:-

I would strongly argue to move TLS key extraction into
the list of primary features. I guess that function might
not always produce a key, depending on client & server
implementations, but I think its important that it be
available since if/when it works, it would mean that an
awful lot of people would not need to develop their own
(and probably broken) key distribution schemes.

I would separately argue that the current list of primary
functions (esp without TLS key extraction) is not really
a "high-level API," right now, it looks much more like
just any old crypto API (e.g. if you have D-H, which
many developers might not understand very well). I think
requiring the WG to more somehow at a higher level than
JCE/JCA might be a way to indicate that.

Regards,
Stephen.

On 11/17/2011 03:17 PM, Harry Halpin wrote:
> Everyone,
>
> On next Tuesday, as said earlier, I plan to take the Web Cryptography
> charter [1] from the wiki and put it into HTML as an "official draft
> charter" then ask for preliminary feedback from the AC, before going to
> real AC review in December (thus launching Working Group in January).
>
> So, if you have any comments, *now* is the time to send to the mailing
> list. Suggested text replacement is most welcome.
>
>        cheers,
>           harry
>
> [1] http://www.w3.org/wiki/IdentityCharter
>
>
Received on Friday, 18 November 2011 05:35:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 18 November 2011 05:35:44 GMT