- From: Ryan Sleevi <sleevi@google.com>
- Date: Wed, 26 Jun 2013 12:20:31 -0700
- To: Jim Schaad <ietf@augustcellars.com>
- Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
On Sun, Jun 23, 2013 at 11:23 AM, Jim Schaad <ietf@augustcellars.com> wrote: > Ryan, > > It is not clear to me if a verify operation where the finish operation fails > because the signature values do not match, if the promise fails or succeeds > and returns a fail result. Reasonable question. There are two options here. This would also apply to authenticated encryption modes 1) Resolve the promise with a failure result (eg: an empty ArrayBuffer, a boolean false) 2) Reject the promise, with some sort of indicative error code It seems more useful to authors to reject the promise, as that allows for an easier .then() flow. This would then argue for some sort of distinguishing error code, to distinguish between a promise being rejected for other reasons (unsupported alg? invalid params?) versus being rejected because a signature/mac/tag didn't validate. Thoughts from the WG? > > Also, it might be good to document what the value returned is for each > operation to tell me what the expected prototype is for the fulfill and > reject callbacks are. Agreed - this is what the algorithm sections already try to do in https://dvcs.w3.org/hg/webcrypto-api/raw-file/0956666e55e0/spec/Overview.html#algorithms Do you see a place where this is missing or under-specified? In some ways, the result is contingent upon the operation. eg: the discussion of AES-GCM, where both a tag and ciphertext are returned by encrypt. > > Jim > >
Received on Wednesday, 26 June 2013 19:20:58 UTC