- From: Richard L. Barnes <rbarnes@bbn.com>
- Date: Thu, 10 May 2012 08:19:11 -0400
- To: Eric Rescorla <ekr@rtfm.com>
- Cc: Nadim <nadim@nadim.cc>, public-webcrypto@w3.org
+1 Where there's a large deployed base -- as with RSA and SHA1 -- there's a de facto use case. It is not our job to dictate to developers which algorithms they use. --Richard On May 10, 2012, at 12:58 AM, Eric Rescorla wrote: > On Wed, May 9, 2012 at 10:33 AM, Nadim <nadim@nadim.cc> wrote: >> Hi everyone, >> I think we need to have a discussion regarding whether the API will >> exclusively implement (and rely on) newer, faster standards (such as ECDH, >> ECDSA) or whether there will be a larger dependence on RSA, either for >> fallback or stronger compatibility reasons. >> >> If it is eventually decided that not only the best available per-task >> algorithm is implemented, but rather, all possible algorithms, where do we >> draw the line? Do we implement SHA1 in addition to SHA2? Does that also >> warrant an MD5 implementation? >> >> Personally, I believe that focusing only on the newer, more efficient >> standards (such as ECC) is a better idea, but I stand very humbly by my >> opinion and a much more interested in listening to the group's opinions. > > I don't really think it's a good idea to design a system which can't > interoperate > with the vast majority of signed data objects on the Internet, which use > SHA-1 and RSA. > > -Ekr > >
Received on Thursday, 10 May 2012 12:19:46 UTC