- From: Ryan Sleevi <sleevi@google.com>
- Date: Tue, 12 Aug 2014 12:31:53 -0700
- To: Mark Watson <watsonm@netflix.com>
- Cc: GALINDO Virginie <Virginie.Galindo@gemalto.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>, "hhalpin@w3.org" <hhalpin@w3.org>, Wendy Seltzer <wseltzer@w3.org>
- Message-ID: <CACvaWvZxu+bKgoW3_GNcQ7hZL9pM-T5rUfatyuQF24a0HOkxaA@mail.gmail.com>
I wholeheartedly and absolutely agree with every point Mark is making here. On Tue, Aug 12, 2014 at 8:14 AM, Mark Watson <watsonm@netflix.com> wrote: > Virginie, all, > > I believe the general sentiment was that we should specify how the NUMS > curves can be used with WebCrypto, but there was no consensus on where / > what document. Given this, I don't see that we have much alternative but to > progress the technical work in a separate document for the moment, perhaps > leaving open the door to integration into the main specification at a later > point, if and when we have a recommendation from IETF / CFRG, depending on > the status at that time of the main specification and if there is consensus > to do that in the group (Perhaps that means the door is only very very > slightly ajar.) > > Otherwise, we will be stalling progress on the technical work over a > documentation / process issue. > > ...Mark > > > On Tue, Aug 12, 2014 at 5:50 AM, GALINDO Virginie < > Virginie.Galindo@gemalto.com> wrote: > >> Dear all, >> >> >> >> This is a take away of our discussions held during the Web Crypto WG >> call. Please note that this does not replace the minutes available under >> http://www.w3.org/2014/08/11-crypto-minutes.html >> >> >> >> - Wendy reminded us the process to go towards Candidate >> Recommendation, highlighting the need to collect elements demonstrating >> that the WG discussed sensitive bugs **and** shared with the bug >> reviewers their decision (ideally having them happy). Wendy and Harry >> mentioned that we still have few sensitive bugs that the WG need to >> address. Note that the exhaustive list of 60 open bugs related to Web >> Crypto API can be found here : >> https://www.w3.org/Bugs/Public/buglist.cgi?quicksearch=web%20crypto&list_id=42115 >> >> - The WG discussed the way to move forward on the integration >> of NUMS curves into the WG deliverables. The options discussed were based >> on following scenario : addition of NUMS curve via an extension, inclusion >> of NUMS curve in the main mains spec as feature risk, postponing our target >> candidate recommendation to expect CFRG recommendation, dropping all NIST >> algorithms in our main spec. All options informally voted, including the >> option not to make a decision now, collected objections or massive >> non-happy expression. >> >> - Short summary of the informative votes : working extension as >> a separate case (2 objections by Harry, Bal), working on the feature at >> risk in the main spec (2 objections by Richard and Ryan, via delegation >> vote), working on not making decision (3 times “-0.5” vote), delaying the >> deliverables by 6 months (1 objection by Richard and a lots of unhappy >> people). >> >> - The question on which option would mandate a return to Last >> Call was also discussed (which would delay by few weeks again the Candidate >> Recommendation migration), and needs further discussions. >> >> - The WG did not have time to address the curve25519 case, >> neither bug related to extensibility mechanisms. >> >> - It was discussed that IETF / CFRG algorithm recommendation >> would happen during IETF#91, beginning November. >> >> - It was stated at the beginning of the call that the chair >> would trigger call for consensus via email to progress on the sensitive >> bugs. >> >> - The next call to follow up on that discussion will be on the >> 25th of August at 20:00 UTC, usual bridge and irc >> >> >> >> In the meantime all conversation, alternatives, driving us toward >> consensus will be appreciated… >> >> >> >> Virginie >> >> Chair of the Web Crypto WG >> >> >> ------------------------------ >> This message and any attachments are intended solely for the addressees >> and may contain confidential information. Any unauthorized use or >> disclosure, either whole or partial, is prohibited. >> E-mails are susceptible to alteration. Our company shall not be liable >> for the message if altered, changed or falsified. If you are not the >> intended recipient of this message, please delete it and notify the sender. >> Although all reasonable efforts have been made to keep this transmission >> free from viruses, the sender will not be liable for damages caused by a >> transmitted virus. >> > >
Received on Tuesday, 12 August 2014 19:32:22 UTC