Re: [WebCrypto.Next] Any ideas on how to proceed?

On 2015-02-18 08:59, David Leon Gil wrote:
> W.r.t. WebCrypto-Next:
> It would be wonderful to see a few useful algorithms added to the spec:
> - a modern VOF (e.g., SHAKE256)
> - a fast hash function (e.g., BLAKE2b)
> - a sequential-hard KDF (e.g., scrypt)
> - some non-NSA curves
> as well as a slightly higher-level interface that makes it less
> complicated to do things like (cryptographically sound) ECDH without
> shooting yourself in the foot repeatedly. (I tried with the current
> API, and I have fewer toes.)
> There are some other things that would be great to see standardized in
> this area, but WebCrypto may not be the appropriate WG.

This belongs to a WebCrypto "maintenance" task which is an entirely different
topic than the stuff referred to in my posting.


> On Tue, Feb 17, 2015 at 10:30 PM, Anders Rundgren
> <> wrote:
>> As you probably noted, all proposals related to
>> were shot down.
>> Are we waiting on something, and if so is the case, exactly what?
>> Is the idea of building on an already semi-established solution like Chrome
>> Native Messaging unacceptable?
>> Or should this disparate community rather standardize on U2F?
>> Another solution (IMO "workaround") is using local services supplying
>> "Security Services" through Redirects, XHR or WebSockets.
>> Since the (in)famous plugins were simply removed without any thoughts of the
>> implications, it seems that the browser vendors currently "own" this
>> question.
>> Anders

Received on Wednesday, 18 February 2015 08:04:17 UTC