W3C home > Mailing lists > Public > public-webcrypto@w3.org > May 2012

Re: [W3C Web Crypto WG] Deciding the algorithms supported by the API

From: David Dahl <ddahl@mozilla.com>
Date: Mon, 21 May 2012 10:03:25 -0700 (PDT)
To: Eric Rescorla <ekr@rtfm.com>
Cc: public-webcrypto@w3.org, Zooko Wilcox-OHearn <zooko@leastauthority.com>
Message-ID: <1183120179.2706231.1337619805785.JavaMail.root@mozilla.com>


----- Original Message -----
> From: "Eric Rescorla" <ekr@rtfm.com>
> To: "Zooko Wilcox-OHearn" <zooko@leastauthority.com>
> Cc: public-webcrypto@w3.org
> Sent: Monday, May 21, 2012 11:16:36 AM
> Subject: Re: [W3C Web Crypto WG] Deciding the algorithms supported by the API
>
> >> For signing/MAC:
> >>    | HS256              | HMAC using SHA-256 hash algorithm
> >>    |             |
> >>    | ES256              | ECDSA using P-256 curve and SHA-256 hash
> >>    |      |
> 
> Hmm... I realize that many people would prefer we only use EC, but
> I'm
> having a lot of trouble understanding the usefulness of a crypto API
> which can't interoperate with the vast majority of cryptographic
> systems
> in current deployment, which generally use RSA and/or DH.

I agree. There is also the issue of implementations that may not be able to use EC for the foreseeable future.

Regards,

David
Received on Monday, 21 May 2012 17:04:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:10 UTC