- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Mon, 29 Nov 2021 09:27:57 +0100
- To: jan@leastauthority.com
- Cc: public-web-security@w3.org
Hello Jan, > I am going to comment on the Web Crypto API. My understanding is that > this is the right place to do that, since the working group disbanded. > If that is not the case, I am sorry and curious where I should head > instead. I searched both the archives of the old mailing list as well > as this one for previous discussions on the topic but couldn't find > any. > > I am writing because several projects we have reviewed used PBKDF2 > from the Web Crypto API to derive key material from a password. I stumbled upon your message, and not seeing any response in the archive, here is my input: * discussions on the Web Crypto API happen mostly on the github repository where the API is being maintained https://github.com/w3c/webcrypto/issues * on the specific issue of key derivation and alternatives to PKBDF2, there is a specific ongoing discussion on the topic: https://github.com/w3c/webcrypto/issues/265 Hope this helps! Dom
Received on Monday, 29 November 2021 08:51:17 UTC