W3C home > Mailing lists > Public > public-webcrypto@w3.org > May 2014

[Bug 25706] Incomplete Key Generation Definitions

From: <bugzilla@jessica.w3.org>
Date: Thu, 15 May 2014 14:24:42 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25706-7213-uMdxOuLTkK@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25706

--- Comment #2 from Kelsey Cairns <kelsey.cairns@inria.fr> ---
No interoperability issues with this one. The biggest concern to me is that it
seems I could make an implementation that created completely non-random keys
and still be API compliant. I get that we don't want to constrain
implementations to anything specific, but maybe it would be reasonable to
specify a lower bound on entropy? I think even a moving target is better than
nothing, like "no worse than /dev/urandom."

This bug is also an ease of use thing stemming from looking over the spec the
other day with someone who's going to try an implementation and being asked
"what do they mean?" when it came to one of the general key generation steps. I
would have liked to be able to give a definitive answer from the spec, but I
couldn't find one.

My suggestion would be a blurb in the Terminology section along the lines of:

"The phrase "generate key," when no further specification is given, is meant to
allow implementers flexibility in the choice of random number generator.
However an entropy source should be used that is [at least as good as.. [choose
your reference, make sure there's some kind of metric for comparison]]"

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Thursday, 15 May 2014 14:24:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:22 UTC