RE: Bug #23500 - Raw AES Access? from Jim Schaad on 2014-01-24 (public-webcrypto@w3.org from January 2014)

From: Jim Schaad <ietf@augustcellars.com>
Date: Fri, 24 Jan 2014 14:36:02 -0800
To: "'Ryan Sleevi'" <sleevi@google.com>
Cc: <public-webcrypto@w3.org>
Message-ID: <005001cf1954$a98bea60$fca3bf20$@augustcellars.com>

Strictly because other people are not skilled enough.  This can easily be fixed by adding AES-ECB but that just seems to be a bad idea.

 

Jim

 

 

From: Ryan Sleevi [mailto:sleevi@google.com] 
Sent: Friday, January 24, 2014 2:21 PM
To: Jim Schaad
Cc: public-webcrypto@w3.org
Subject: Re: Bug #23500 - Raw AES Access?

 

Jim,

 

If I can make sure I understand your objection, it's because you don't think other people are skilled enough, nor do you believe polyfills are a valid use case?

 

On Fri, Jan 24, 2014 at 2:09 PM, Jim Schaad <ietf@augustcellars.com> wrote:

I have a problem with dealing with this issue.  While I agree that it might be useful to allow for having raw ECB access to block encryption processes.  I think that the drawbacks of people actually have access to the ECB mode and thus getting things wrong is probably too great to allow for this.  I think this is one of those cases where if you want to get a funny block mode then forcing an implementer to also provide the block encryption algorithm as well is probably worthwhile.

 

I would say that this bug should be closed with no action.

 

Jim

Received on Friday, 24 January 2014 22:38:02 UTC