W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: Last call for Use-cases/Goals for web crypto charter

From: David Dahl <ddahl@mozilla.com>
Date: Fri, 25 Nov 2011 08:14:12 -0800 (PST)
To: Andrew Sutherland <asutherland@asutherland.org>
Cc: public-identity@w3.org
Message-ID: <212388712.182402.1322237652387.JavaMail.root@zimbra1.shared.sjc1.mozilla.com>

Plus, I can imagine all kinds of messaging apps: Real time chat, twitter-like broadcast apps, etc.

More use cases:

1. Via the file API, encrypt files before transferring to cloud storage.

2. LocalStorage encryption



----- Original Message -----
From: "Andrew Sutherland" <asutherland@asutherland.org>
To: public-identity@w3.org
Sent: Thursday, November 24, 2011 3:08:45 PM
Subject: Re: Last call for Use-cases/Goals for web crypto charter

On 11/24/2011 05:55 AM, Harry Halpin wrote:
> So everyone who has a use-case please send it now, described in 1-2 
> sentences. Then also, *look* at the primary/secondary/ and 
> out-of-scope features and list what features are necessary for the 
> goal. Also, to see if anything is missing.

Use-case: Encrypted messaging client.

Primary necessities: key pair generation, encryption, decryption, 
digital signature generation and verification, hash/message digest 
algorithms, key storage.
Secondary necessities: strong random number generation, destruction of 
temporary credentials

Primary not required: key transport/agreement algorithms

Additional details: Mozilla Labs has an encrypted messaging experiment 
under development, deuxdrop. ( https://github.com/mozilla/deuxdrop).  
While user trust of the client's code is more biased towards an 
extension model for deployment, we are trying to use as many web 
technologies as possible and to be capable of operating without any 
special privileges in a standard web browser.  Right now, crypto is 
provided by the NaCl library ( http://nacl.cr.yp.to/) exposed to JS via 
privileged js-ctypes shims, but if we could use baked-in web platform 
crypto like DOMCrypto or the outcome of the web crypto effort, that 
would be much better.  Obviously, the underlying crypto primitives would 
need to change, as I don't expect NaCl's primitives to be adopted, but 
our current implementation was never intended to be permanent.

Received on Friday, 25 November 2011 16:14:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:00:47 UTC