W3C home > Mailing lists > Public > public-webcrypto@w3.org > July 2014

[Bug 25607] Need to advise authors about security considerations

From: <bugzilla@jessica.w3.org>
Date: Tue, 01 Jul 2014 01:37:09 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25607-7213-0ayjuxRT06@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25607

--- Comment #19 from Mark Nottingham <mnot@mnot.net> ---
(In reply to Ryan Sleevi from comment #17)
> I strongly object/oppose this. You are the only person in this WG advocating
> MD2/MD5. You're proposed inclusion is seemingly an attempt to circumvent any
> WG discussion of these, by trying to include a normative note that precludes
> their use.

Rather than trying to ascribe motives here, I think everyone would benefit from
this issue actually being discussed in the WG, full stop.

According to its home page, this WG hasn't had a meeting since 03 March
(although I see unreferenced minutes in the archive from 05 May). There has
been very little discussion of this issue on the mailing list beyond a
back-and-forth between Ryan and Rich, despite the WG listing 70 participants in
Good Standing. 

In fact, the only other WG discussion I can find on this issue (beyond Harry
and Virginie's much-appreciated attempts to mediate an outcome) is Richard
Barnes' comment:
  http://lists.w3.org/Archives/Public/public-webcrypto/2014May/0037.html
... which seems to support an addition along the lines that Rich proposed.

Did I miss something?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 1 July 2014 01:37:11 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:23 UTC