- From: Jim Schaad <ietf@augustcellars.com>
- Date: Fri, 7 Mar 2014 10:11:02 -0800
- To: <public-webcrypto@w3.org>
1. Generate Key appears to allow for the generation of just one side of an asymmetric key. I am not sure why this should ever be the case. I think step 3 needs to be change to "If usages is not "sign" and "verify", then return an error named DataError." 2. There is a major disconnect in the import of spki structures. rsaEncryption is a subject public key info OID. sha1WithRSAEncryption is a signature algorithm OID and is not a subject public key info OID. As such you are changing the specifications of a lot of external code if you use it that way. 3. I have always wondered if one should not be able to get a KeyPair returned from the importKey. There would be one entry for importing a public key and two for importing a private key. The data for doing the public key is always present when importing a private key. 4. If hash is not supported by system then return an error NotSupported - probably in generate and import both 5. Behavior if hash is undefined for export of jwk should be to not set the alg field, not to return an error. Jim
Received on Friday, 7 March 2014 18:13:12 UTC