Re: Last call for public comments on Web Crypto charter

I've very happy to see how this process has gone and the
resulting charter. I have two comments:-

I would strongly argue to move TLS key extraction into
the list of primary features. I guess that function might
not always produce a key, depending on client & server
implementations, but I think its important that it be
available since if/when it works, it would mean that an
awful lot of people would not need to develop their own
(and probably broken) key distribution schemes.

I would separately argue that the current list of primary
functions (esp without TLS key extraction) is not really
a "high-level API," right now, it looks much more like
just any old crypto API (e.g. if you have D-H, which
many developers might not understand very well). I think
requiring the WG to more somehow at a higher level than
JCE/JCA might be a way to indicate that.


On 11/17/2011 03:17 PM, Harry Halpin wrote:
> Everyone,
> On next Tuesday, as said earlier, I plan to take the Web Cryptography
> charter [1] from the wiki and put it into HTML as an "official draft
> charter" then ask for preliminary feedback from the AC, before going to
> real AC review in December (thus launching Working Group in January).
> So, if you have any comments, *now* is the time to send to the mailing
> list. Suggested text replacement is most welcome.
>        cheers,
>           harry
> [1]

Received on Friday, 18 November 2011 05:35:44 UTC