W3C home > Mailing lists > Public > public-webcrypto@w3.org > June 2014

[W3C Web Crypto WG] bug status of Web Crypto API on 23rd of June

From: GALINDO Virginie <Virginie.Galindo@gemalto.com>
Date: Wed, 25 Jun 2014 14:36:30 +0000
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>, "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
CC: Harry Halpin <hhalpin@w3.org>, "'Wendy Seltzer'" <wseltzer@w3.org>
Message-ID: <540E99C53248CE468F6F7702588ABA2AA490BAB0@A1GTOEMBXV003.gto.a3c.atos.net>
Dear all,

The chair, W3C staff and editors met last Monday in order to make a status on the current open 39 bug related to the Web Crypto API, in the framework of Last Call.

-          The remaining 39 open bugs can be found under [PDF] https://www.w3.org/2012/webcrypto/wiki/images/e/ed/Web_Crypto_API_bug_review_23_June_2014_-_after_call.pdf

-          11 bugs are almost solved, or the editors have enough material to solve them (yellow and purple in the PDF document)

-          4 bugs are requiring arbitration, as being controversial : 25839 related to curve 25519, 25721 related to key extractability, 25607/18925 related to security considerations.

-          7 bugs were reported after the LC deadline (which does not mean we will ignore it, but means that it releases pressure to treat them as Last Call bugs)

-          4 bugs lacks of material or direction from the WG, those ones are : 25706 related to Incomplete Key Generation Definitions, 25383 related to UnknownError, DataError are also defined by Indexed DB spec, 24878 related to Remove algorithm aliases, 23501 related to PBKDF2 Parameter Warning. Please contribute there to help editors to find a way to proceed.

-          The team has decided to work on the 4 sensitive bugs and have them solved by the 11th of July. The process we have been decided to adopt is the following : the chair will manage progress for those bugs with reviewers, in public (on the bugzilla and public web crypto mailing list). Depending on the bug, I will either require to reviewers feedback on a suggested resolution, or ask reviewers to provide some text proposal to be added to the Web Crypto API specification. In the end, the WG will be asked to endorse or not the proposed resolution right after the 11th of July, so I recommend you stay tuned to my announcements...

Comments, help, suggestion are welcome at this stage to help to solve those remaining bugs !

The updated bug list is accessible via https://www.w3.org/Bugs/Public/buglist.cgi?component=Web%20Cryptography%20API%20Document&product=Web%20Cryptography&resolution=---. Again, anyone with a bugzilla account can contribute to bug resolution/suggestion...

Chair of Web Crypto WG

This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Received on Wednesday, 25 June 2014 14:38:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:23 UTC