W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2015

Re: [WebCrypto.Next] Any ideas on how to proceed?

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Wed, 18 Feb 2015 09:03:30 +0100
Message-ID: <54E44752.9000105@gmail.com>
To: David Leon Gil <coruus@gmail.com>
CC: "public-web-security@w3.org" <public-web-security@w3.org>, public-webapps <public-webapps@w3.org>
On 2015-02-18 08:59, David Leon Gil wrote:
> W.r.t. WebCrypto-Next:
>
> It would be wonderful to see a few useful algorithms added to the spec:
>
> - a modern VOF (e.g., SHAKE256)
> - a fast hash function (e.g., BLAKE2b)
> - a sequential-hard KDF (e.g., scrypt)
> - some non-NSA curves
>
> as well as a slightly higher-level interface that makes it less
> complicated to do things like (cryptographically sound) ECDH without
> shooting yourself in the foot repeatedly. (I tried with the current
> API, and I have fewer toes.)
>
> There are some other things that would be great to see standardized in
> this area, but WebCrypto may not be the appropriate WG.

This belongs to a WebCrypto "maintenance" task which is an entirely different
topic than the stuff referred to in my posting.

Anders

>
> On Tue, Feb 17, 2015 at 10:30 PM, Anders Rundgren
> <anders.rundgren.net@gmail.com> wrote:
>> As you probably noted, all proposals related to
>> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/
>> were shot down.
>>
>> Are we waiting on something, and if so is the case, exactly what?
>>
>> Is the idea of building on an already semi-established solution like Chrome
>> Native Messaging unacceptable?
>>
>> Or should this disparate community rather standardize on U2F?
>>
>> Another solution (IMO "workaround") is using local services supplying
>> "Security Services" through Redirects, XHR or WebSockets.
>>
>> Since the (in)famous plugins were simply removed without any thoughts of the
>> implications, it seems that the browser vendors currently "own" this
>> question.
>>
>> Anders
>>
Received on Wednesday, 18 February 2015 08:04:18 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:27:25 UTC