- From: Arun Ranganathan <arun@mozilla.com>
- Date: Mon, 8 Jul 2013 09:56:39 -0400
- To: "Web Cryptography Working Group (public-webcrypto@w3.org)" <public-webcrypto@w3.org>
I think I can close ACTION-92 assigned to me, which is to account for the JOSE use case. A few observations: 1. The "JOSE use case" is actually the API's consumption of "JWK" in import/export. Everything else is an application layer consideration (and the use cases document makes mention of the use of JWT for assertions, for example). By stipulating a use case that allows for import (and export) in JWK format, I think the JOSE use case is accounted for. Since the remaining JOSE formats are not directly "natively" consumed by the API, I don't think they constitute a use case (and in fact can already be used by JavaScript web applications). Mike: please let me know if you disagree. 2. I think the WebCrypto API's CryptoOperationData should include the possibility of JWK as JSON. Maybe: typedef (ArrayBuffer or ArrayBufferView or DOMString) CryptoOperationData; But we should restrict it to be used only for import/export. The use cases document is: https://dvcs.w3.org/hg/webcrypto-usecases/raw-file/4ee6bd222b1c/Overview.html
Received on Monday, 8 July 2013 13:57:14 UTC