- From: Mark Watson <watsonm@netflix.com>
- Date: Tue, 13 May 2014 07:09:34 -0700
- To: "Salz, Rich" <rsalz@akamai.com>
- Cc: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>, "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
- Message-ID: <8733354124551555576@unknownmsgid>
Would it help to augment the existing warning text cited by Vijay with some _examples_ of published attacks / weaknesses for some of the algorithms? This would provide a more explicit warning but without purporting to be exhaustive, up-to-date or chosen according to some particular criteria.

IIUC the concern with the proposed text is that it might give the impression we're providing exhaustive, up-to-date advice and that we have some agreed yardstick by which to measure whether a given algorithm should get a thumbs up or thumbs down. On the other hand, pointing to some examples to back up our assertion that designing your own protocols is fraught with danger seems like it would be helpful.

...Mark

Sent from my iPhone

On May 13, 2014, at 6:05 AM, "Salz, Rich" <rsalz@akamai.com> wrote:

Thank you for your reply.

> I’m not sure that is entirely fair.

Perhaps. But by reading the public record, and the (tone of) my public discussions on this list, it’s a plausible conclusion to draw.

> So we’ve opted to take the approach of saying “It’s all scary, so ask an expert.”

My point is that experts have already weighed in and pointed out there are issues with existing uses of certain mechanisms in the way they are currently used. Since section 5.2 warns against creating new protocols, it seems a no-brainer to list items that are known to have problems. If you think my suggested warning leads to a (sic) false sense of security, then I would be delighted to see the WG strengthen it to avoid that.

My concern, as I have consistently tried to explain, is that you are unleashing a general-purpose cryptographic API with no warnings or practical security advice. In turn, the response I have consistently heard is that someone else should do that. We disagree.

/r$

--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rsalz@jabber.me; Twitter: RichSalz

Received on Tuesday, 13 May 2014 14:10:06 UTC