- From: Harry Halpin <hhalpin@w3.org>
- Date: Tue, 26 Aug 2014 13:34:32 +0200
- To: GALINDO Virginie <Virginie.Galindo@gemalto.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- CC: "webcrypto@trevp.net" <webcrypto@trevp.net>, Wendy Seltzer <wseltzer@w3.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My opinion is the same as Richard insofar as"We should agree on the
principle that we will support the next generation curves that CFRG
and TLS agree on, and work to support that once it's decided." But we
need to operationalize what we mean by "support".
The choices are having that curve in the *extension specs* versus
*main spec*. Given that all major browser vendors I know of will
implement the recommended set of curves from CFRG to TLS and so
exposing those to WebCrypto makes sense - and given the liaison
relationship between the IETF and W3C and our commitment to harmonize
as much as possible our specs - it seems that that those recommended
curves should be in the main spec text. Given that extensibility is
still a bit blurry, it's hard to claim we have a good solution for
extension specs quite yet. However, I also agree we can't wait around
forever for CFRG.
This in mind, we can move forward by either:
1) Have a "placeholder" text for it as a "Feature at Risk". The NUMS
text could be that placeholder, with a note saying that this may be
removed/changed if TLS/CFRG do not recommend NUMS.
and/or
2) Go back to "Last Call" and add the recommended non-NIST curve in
later in the main spec text.
I see no harm in either of these proposals and think either would
satisfy the problem. It's not as simple as adding in NUMS or not. What
we need is a commitment to support whatever TLS/CFRG recommend.
If TLS/CFRG do *not* recommend a set of non-NIST curves by the
necessary timeline for WebCrypto (i.e. getting out of CR by end of the
year), in the first case we simply drop the "Feature at Risk" and in
the second case we simply do not go back to "Last Call" but progress
to Rec as normal.
I'm happy to check in with TLS/CFRG on the timeline and tell them we
are considering an official dependency with them.
Note in the long-run having the spec being extensible is exceedingly
important, as regardless of the non-NIST curves recommended by CFRG,
various governments and other folks will want their own crypto
algorithms. In this regard, the only other issue holding us from going
out of CR is likely the lack of clarity over extension specs. While
the spec does note that "This algorithm must be extensible, so as to
allow new cryptographic algorithms to be added" there is little
guidance after that.
cheers,
harry
On 08/25/2014 05:32 PM, GALINDO Virginie wrote:
> Hi all, This is a kind reminder that this thread is still live
> until tomorrow. If you have some opinion to give, it is now. There
> was already an objection to that resolution [1], but this is not a
> reason for not answering to it. Any feedback will help the chair to
> evaluate endorsement/rejection/alternative to that resolution.
> Regards, Virginie
>
> [1]
> http://lists.w3.org/Archives/Public/public-webcrypto/2014Aug/0107.html
>
>
>
> From: GALINDO Virginie [mailto:Virginie.Galindo@gemalto.com] Sent:
> mardi 12 août 2014 15:22 To: public-webcrypto@w3.org Cc:
> webcrypto@trevp.net; hhalpin@w3.org; Wendy Seltzer Subject: [W3C
> Web Crypto WG] CfC : Call for Consensus on the integration of
> curve25519 in WG deliverables (please vote until the 26th of
> August)
>
> Dear all,
>
> I would like to call for consensus on the way we will move forward
> with the contribution provided by Trevor Perrin describing
> Curve25519 operation [1]. We discussed several options and I would
> like to submit the following resolution to your vote.
>
> Proposed resolution : the WG agrees on the principle that
> Curve25519 will be added to Web Crypto WG deliverables as an
> extension to the Web Crypto API specification. An extension being
> here a separate specification having its own Recommendation Track.
>
> Deadline : votes have to be expressed expected until 26th of August
> 23:59 UTC Guideline for voting : reply to all to this mail,
> indicating, +1 if you agree with the resolution, -1 means if you
> object, 0 if you can live with it. While silence means implicit
> endorsement of the resolution, explicit expression of vote is
> encouraged, to help the chair measuring the enthusiasm of the WG
> participants.
>
> Note the following additional information :
>
> - This extension will be used as a beta test for the
> extensibility mechanism that we need to address as raised in bug
> 25618
>
> - The proposed editor is Trevor, as long as Trevor agrees
> to maintain the document
>
> - This resolution does not imply that the draft submitted
> by Trevor is endorsed in its current state, as the WG did not have
> a chance to discuss the content. The discussion about that content
> can be conducted over the mailing list, or during a dedicated call,
> where we will invite Trevor.
>
> Have a great week ! Virginie Chair of the Web Crypto WG
>
> [1]
> http://lists.w3.org/Archives/Public/public-webcrypto/2014Aug/0064.html
>
> ________________________________ This message and any attachments
> are intended solely for the addressees and may contain confidential
> information. Any unauthorized use or disclosure, either whole or
> partial, is prohibited. E-mails are susceptible to alteration. Our
> company shall not be liable for the message if altered, changed or
> falsified. If you are not the intended recipient of this message,
> please delete it and notify the sender. Although all reasonable
> efforts have been made to keep this transmission free from viruses,
> the sender will not be liable for damages caused by a transmitted
> virus. ________________________________ This message and any
> attachments are intended solely for the addressees and may contain
> confidential information. Any unauthorized use or disclosure,
> either whole or partial, is prohibited. E-mails are susceptible to
> alteration. Our company shall not be liable for the message if
> altered, changed or falsified. If you are not the intended
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this
> transmission free from viruses, the sender will not be liable for
> damages caused by a transmitted virus.
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJT/HDHAAoJEPgwUoSfMzqc4foQAIwiPzNeky00Q1SyL79tZKzK
MqhKZqP446KYCGWKnE3APBaxwKPPBnNPB2kNX6xKCS0xCPCEQvy1WBLQ7ZLuB1Sf
EUhKdXOG5glHPoM4TVM8aK57ChrATObPZkLfJ4L+QAw+2lIw0qoKa5xT+plT/8t2
oE2pXegs8Pax73s7HBuTKdlodHkz7nzla2PmCIOGI9dfOUJEKe2qSd2Qa/XoSzsY
WeefqcdEVdEsbVRj3c1+jPYH9ctc9Lnvx1frDZBLa8Kut1tuRIKvpZYyKHwp8KEv
7dq2M7X+5h0mn68x+BXPEdfev5Pyax3WpCyIj7GFobGBTuWneanNz8d1BsjSocj7
UhvXKlUs3thAM4Ezlg/vxftZOKpUdMEwVJPJ5ZjSq8ZBdXmKyxwyyYPTSkNN6Yte
twniVeiFW8hebZimtMSzsqUV/qQpTiqyiqZ+u8LrGzokDso6P32jExYv/lZ4AJnt
PBDem8g+OUFe4xURAa9QnHLJYneefdin+XxgY8moNEYOLY7virNn1ur4/pZgzN2I
dgm3O6aJ0TFyu6Ea1cxkEtLYzEsd1Iv/4sdQlVHLM4ZXMsp5UlLGPimykh9wwIpL
MozSfjGAot89wyoiZeeanXS/mQN4sj4W3eRnSK8GkjHpMpRgEl/wu522dup0Ck7I
B0zWNluuw6MusoEyKrn2
=a8vR
-----END PGP SIGNATURE-----
Received on Tuesday, 26 August 2014 11:34:41 UTC