Re: Request for feedback: DOMCrypt API proposal from Jonas Sicking on 2011-06-03 (public-webapps@w3.org from April to June 2011)

From: Jonas Sicking <jonas@sicking.cc>
Date: Thu, 2 Jun 2011 22:31:48 -0700
To: Adam Barth <w3c@adambarth.com>
Cc: David Dahl <ddahl@mozilla.com>, public-webapps@w3.org
Message-ID: <BANLkTimJ0-HpRn6Cs74m0raAgyZSRfWVfA@mail.gmail.com>

I unfortunately know very little about crypto (at least compared to
this crowd), so I can't provide much useful input. But I do have a few
comments.

>>> What is a cipherAddressbook ?
>>
>> It is an object literal that you store discovered public keys in - which are referred to as "addressbook entries". The Addressbook bits of this API will have to wait for their own spec I think. i was trying to allow for key discovery and storage in the simplest way possible: a custom tag or meta tag is published on your blog and your contacts are alerted by the browser during a visit to the page. The user can then store that 'addressbook entry' (or key) for later use.
>
> Oh man.  I'd remove this from the spec.  That's a whole other can of
> worms.  This API should just be the nuts and bolts of the crypto.

I agree that keychains and the like seems like a can of worms. However
something that we'll eventually will need in some form.

I suggest that we punt on this feature for now and leave it for
version 2. It can always be kept in the prototype using a 'moz'
prefix.

>>> Finally, this all should be on the crypto object, not on a new cipher object.
>>
>> More and more people are saying that.
>
> Maybe you should listen to them?

I absolutely agree that this needs to live on the 'crypto' property.
Introducing new properties on the window object always carries big
risks since it shares namespace with global variables. Hence
introducing a new property can break pages that have no intention of
using the property. This can be mitigated by making the property
replaceable, but that only fixes half the problem so isn't really a
solution.

In this case we have the extremely rare luxury of having a property
already existing which not lives where we want it to live (the window
object), but also has a pretty good name. So the final implementation
should definitely hang the new API off of this property.

For prototyping purposes, it's easy to just call the property
'mozCrypto'. That'll let you use the same APIs that you already are to
hook it up.

/ Jonas

Received on Friday, 3 June 2011 05:32:45 UTC