- From: David Dahl <ddahl@mozilla.com>
- Date: Wed, 8 Aug 2012 08:25:36 -0700 (PDT)
- To: Ryan Sleevi <sleevi@google.com>
- Cc: Web Cryptography Working Group <public-webcrypto@w3.org>
----- Original Message ----- > From: "Ryan Sleevi" <sleevi@google.com> > To: "Web Cryptography Working Group" <public-webcrypto@w3.org> > Sent: Sunday, August 5, 2012 9:56:12 PM > Subject: Re: crypto-ISSUE-13: Relationship between the W3C Web Cryptography work product and the IETF JOSE WG [Web > Cryptography API] > I'd like to propose that the current low-level API specifically > clarify that there is *no* specific or priviledged relationship to > the > IETF JOSE work. > > Specifically: > 1) Algorithm/AlgorithmParams does *not* need to be on-the-wire > equivalent to JWA parameters > 2) It is *not* required that algorithm short-names match their JWA > counterparts. > > My opinion is that this represents a generic API for use in the > client. One possible consumer, of many, may include the work-products > of the JOSE working group. However, I believe that they do not > represent the only consumer of this API, therefore I do not believe > it > makes sense to primarily design or tightly-couple this work to the > JOSE WG. +1 As this is a low-level API, I agree. I think JOSE is more directly compatible with a higher-level API. I can see using JOSE for either a high-level spec produced by this WG or by a high-level API written in content JS that consumes the Web Crypto API. Regards, David
Received on Wednesday, 8 August 2012 15:26:08 UTC