Re: Current status of pre-Last Call bugs from Mark Watson on 2014-02-08 (public-webcrypto@w3.org from February 2014)

From: Mark Watson <watsonm@netflix.com>
Date: Fri, 7 Feb 2014 16:52:44 -0800
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAEnTvdAhpN3hm=jCUCyxQxqF5DUKK51HE3_Lh-S-N=4vVK33_g@mail.gmail.com>
All,

I have made some proposals for the algorithm procedures for several of our
algorithms in the Editor's Draft: RSA-ES, RSA-SSA, RSA-PSS, RSA-OAEP and
ECDH. There are some open issues noted in the specification proposals.

During this process I have also tried to improve the linkage between the
method specifications and the algorithm procedures. The method
specifications now explicitly say how method parameters are mapped to the
input variables for the algorithm procedures.

Some notable points which came up:
- I assumed that when generating a key pair the public key would always
have extractable = true
- Throughput the spec we often "terminate with an error" without saying
which error. I assume we will want to go through and define the errors at
some point
- We will need to specify how the bits which result from various deriveKey
operations (e.g. ECDH) are turned into a key for the specified derived key
algorithm

...Mark

Best ... Mark


On Fri, Feb 7, 2014 at 8:58 AM, Mark Watson <watsonm@netflix.com> wrote:

> All,
>
> I tagged the bugs that are blocking Last Call: http://tinyurl.com/k36896o
>
> If additional bugs should block Last Call, please tag them "prelc".
>
> ...Mark
>
>
> On Thu, Feb 6, 2014 at 6:42 PM, Mark Watson <watsonm@netflix.com> wrote:
>
>> All,
>>
>> We had 15 bugs that were identified as needing to be resolved before Last
>> Call. The following is a status update since my last mail on these sent
>> before the last meeting. I've omitted those that were resolved at the time
>> of the last update.
>>
>>
>> *Bug 20611* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=20611> -
>> Specify the text encoding for JWK key format
>>
>>
>> OPEN - I propose we specify UTF-8, following the JWK specification,
>> unless anyone objects.
>>
>>
>> *Bug 22570* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=22570> -
>> AES-GCM should provide distinct inputs/outputs for the tag
>>
>>
>> ASSIGNED: agreed on 1/27 that the tag will be appended to the ciphertext
>>
>>
>> *Bug 23831* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23831> - add
>> HMAC-SHA1 to the list of recommended algorithms
>>
>>
>> RESOLVED FIXED: HMAC-SHA1 added to list of recommended algorithms as
>> agreed on 1/27
>>
>>
>> *Bug 23445* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23445> -
>> typo with BigInteger?
>>
>>
>> RESOLVED FIXED: according to 1/27 discussion
>>
>>
>> *Bug 23500* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23500> - Raw
>> AES access?
>>
>>
>> OPEN - list discussion:
>> http://lists.w3.org/Archives/Public/public-webcrypto/2014Jan/0029.html
>>
>>
>> *Bug 23729* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23729> - Key
>> usages future compatibility
>>
>>
>> RESOLVED FIXED: switch to DOMStrings according to 24415
>>
>>
>> *Bug 23503* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23503> -
>> Should algorithms (ECC in particular) be extensible?
>>
>>
>> RESOLVED FIXED: switch to DOMStrings according to 24415
>>
>>
>> *Bug 23495* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23495> -
>> Should an informative note mention that entropy is expected? (and an
>> error defined ?)
>>
>>
>> RESOLVED WORKSFORME.
>>
>>
>> There are in addition the following new bugs. We need to decide which of
>> these should be addressed before Last Call:
>>
>>
>> *Bug 24450 <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24450>* - JWK
>> mapping should say what to do with keys that are invalid per JWK spec
>>
>>
>> OPEN
>>
>>
>> *Bug 24489 <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24489>* - Correct
>> the mapping of JOSE key_ops to WebCrypto KeyUsage
>>
>>
>> RESOLVED DUPLICATE (24441)
>>
>>
>> *Bug 24457 <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24457>* - AES-KW
>> can only wrap a JWK key if its serialization happens to be 8*n bytes long
>>
>>
>> OPEN - needs discussion
>>
>>
>> *Bug 24444 <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24444>* - Named
>> Curve Registry (adding secp256k1)
>>
>>
>> OPEN - needs discussion
>>
>>
>> *Bug 24441 <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24441> *- Typos
>> in usages to JWK mapping description
>>
>>
>> OPEN - typos fixed, waiting for JOSE to align key_ops names with WebCrypto
>>
>>
>> *Bug **24410* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24410> - Define
>> operation procedures for each algorithm
>>
>>
>> OPEN
>>
>>
>> *Bug **24427* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24427> - Make
>> all method failures asynchronous
>>
>>
>> OPEN: needs discussion - one positive comment - waiting for other input
>>
>>
>> *Bug **24415* <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24415> - Replace
>> enums with DOMStrings
>>
>>
>> RESOLVED FIXED
>>
>>
>> ...Mark
>>
>>
>>
>
Received on Saturday, 8 February 2014 00:53:12 UTC