Re: An initial editor's draft: high-level API

On 19 February 2013 08:34, Emily Stark <estark@mit.edu> wrote:

> I was wondering if we could revisit sign/verify. I'm curious to hear
> why Adam Langley thought these should be dropped; I understand that
> messages can be signed with encryptAndSign, but it seems wasteful and
> confusing to always require encryption along with signatures. NaCl,
> KeyCzar, and SJCL all have sign()/verify() (as well as MACs) that
> don't also require the user to encrypt/decrypt.


I also thought they should be removed.  My argument is simplicity.  While
it is true other libraries expose a 'sign' function, our goal for this High
Level API is to make it as simple to use as possible.  Part of that
includes making it as minimal as possible.

I haven't seen a use case that convinced me we need a sign() function, and
encryptAndSign() won't do.  Could you provide some examples where a
messages *requires* authenticity but also *cannot* have confidentiality,
particularly if we're talking about mostly-opaque data values?

-tom

Received on Tuesday, 19 February 2013 14:12:06 UTC