Re: extension of Web Cryptography API to include curve25519 and 448

I think a reasonable approach here would be to propose this improvement to
WebCrypto via WICG (https://wicg.io/). There seems to be interest in the
mechanism, and adding two reasonably well-defined algorithms to the
existing spec is probably something that won't be terribly controversial.
Getting browser vendor interest in the details and implementation of those
algorithms via the WICG would be a good signal that the W3C should pick it
back up, either in this working group or another (which would require some
charter work one way or the other, which is a bit of wrangling that it
seems reasonable to avoid until we know that there's a need).

FWIW, this seems reasonable to me, and I've heard interest in similar work
from entities inside Google as well. I expect I could hook them up with
y'all via the WICG. :)

-mike


On Wed, Dec 11, 2019 at 4:51 AM Daniel Veditz <dveditz@mozilla.com> wrote:

> That seems like a reasonable proposal but updating the Web Crypto API
> seems outside the scope of this group's charter.
>
> Wendy: Where should we direct this request? The API was defined in the Web
> Crypto WG, closed since 2017. A note on their w3.org page said that
> maintenance of the Web Crypto spec would be carried on in the Web Security
> Interest Group, which closed in October. Would this fit in the Web
> Authentication group, or is their scope limited to that one specification?
>
> -Dan Veditz
>
> On Tue, Dec 10, 2019 at 1:49 AM Ilya Chesnokov <
> ilya.chesnokov@protonmail.com> wrote:
>
>> Hello, members of the web app security group.
>>
>> My name is Ilya Chesnokov and I represent Proton Technologies AG - the
>> company behind ProtonMail, the world's largest encrypted email provider.
>> Our company is interested in enhancing the web cryptography specification
>> (https://www.w3.org/TR/WebCryptoAPI/) to include curve25519 and
>> curve448. For the former curve, there exists a written proposal, albeit
>> incomplete: https://github.com/trevp/curve25519_webcrypto. Also, there
>> was a formal vote with most votes against this; the main reason was that
>> these curves were not included in the CFRG or TLS standards (an example
>> vote is here
>> https://lists.w3.org/Archives/Public/public-webcrypto/2014Aug/0107.html).
>>
>> Now both curves are included in the CFRG standard
>> https://tools.ietf.org/html/rfc7748 and in the TLS draft
>> https://tools.ietf.org/html/draft-ietf-tls-curve25519-01, therefore, it
>> seems that including these curves now in the web crypto API is a reasonable
>> choice.
>>
>> Proton Technologies is interested in writing the necessary specification,
>> since it will advance our OpenPGP implementation (a working draft of the spec
>> with curve 25519 is here
>> https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02). This mail
>> is intended to gauge interest in adding curve 25519 and curve 448 to the
>> Web Crypto API; all replies are welcome.
>>
>> Best regards, Ilya Chesnokov

Received on Wednesday, 11 December 2019 15:59:30 UTC