[W3C Web Crypto WG] W3C Web Cryptography API CR Transition Call - minutes

Dear all,
You will find below the minutes of the (successful) transition CR call, held yesterday with Wendy Seltzer, Harry Halpin and Philippe Le Hegaret from W3C.
Few actions were required before we actually publish the last version of the specifications.
Regards,
Virginie



-----Original Message-----
From: Wendy Seltzer [mailto:wseltzer@w3.org]
Sent: mercredi 10 décembre 2014 09:23
Subject: [minutes] Re: W3C Web Cryptography API CR Transition Call

Thanks for your work on this transition. Minutes of the successful transition call are: http://www.w3.org/2014/12/09-crypto-minutes.html


Actions:
[NEW] ACTION: hhalpin to make Director's decision, note that WG plans to make the "profile" for browser related to algorithm [recorded in http://www.w3.org/2014/12/09-crypto-minutes.html#action03]
[NEW] ACTION: hhalpin to update exit criteria, reference to DOM [recorded in http://www.w3.org/2014/12/09-crypto-minutes.html#action01]
[NEW] ACTION: hhalpin will notify webmaster of publication request and double-check with editors on changes [recorded in http://www.w3.org/2014/12/09-crypto-minutes.html#action02]

Thanks!
--Wendy

On 12/03/2014 04:56 AM, GALINDO Virginie wrote:
> Dear all,
>
> Please find below the elements for moving the W3C Web Crypto API towards CR.
>
> Provisioned publication date is 11th of December.
>
> Regards,
>
> Virginie Galindo
>
> Chair of Web Crypto WG
>
>
>
> ======
>
>
>
> 1 Document title
>
>
>
>   Web Cryptography API
>
>
>
> 2 Document URI
>
>
>
> We propose to publish the document at the following URI (adjusting the yyyymmdd portion of the URI as may be needed):
>
>
>
>   http://www.w3.org/TR/2014/CR-WebCryptoAPI-20141211

>
>
>
> Publication-ready copies of the document are already staged at the following URI in preparation for the telecon at which the Director's decision on this transition request will be finalized"
>
>
>
>   http://www.w3.org/2012/webcrypto/CR-WebCryptoAPI-20141211/

>
>
>
> 3 Estimated publication date
>
>
>
> Assuming (a) a Transition Call held before 10-December and (b) a favorable Director's decision, we propose to publish the documents on 11 December 2013. We expect Philippe LeHegaret or Ralph Swick to review.
>
>
>
> 4 Record of the group's decision to advance
>
>
>
> The Web Cryptography Working Group did a call for consensus that ended Nov 3rd to request publication of the document named above as a Candidate Recommendation.
>
>
>
> http://lists.w3.org/Archives/Public/public-webcrypto/2014Oct/0169.html

>
>
>
> There were no objections as recorded in the public mailing list archive.
>
> Further bugs required some additional work so that the document would be ready for CR.
>
>
>
> 5 Document abstract
>
>
>
> This specification describes a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.
>
> Additionally, it describes an API for applications to generate and/or manage the keying material necessary to perform these operations. Uses for this API range from user or service authentication, document or code signing, and the confidentiality and integrity of communications.
>
>
>
> 6 Status of this document section
>
>
>
> See the status document at the staging URI:
>
>
>
> http://www.w3.org/2012/webcrypto/CR-WebCryptoAPI-20141211/

>
>
>
> 7 Important changes to the document
>
>
>
> All changes to the document are recorded and easily found within the Mercurial repository for the document at W3C available here:
>
>
>
> https://dvcs.w3.org/hg/webcrypto-api/

>
>
>
> There have been many changes to the text since the publication of the Last Call Working Draft in response to reviewer comments.  Details for larger changes are given in the Disposition of Comments, including major changes such as the extensibility mechanism.
>
>
>
> However, given that the changes were either additions to the specification done in response to resolving reviewer comments during Last Call or "minor edits" that clarified the specification for implementers, the Working Group believes that the changes made do not invalidate any earlier favorable review of the Web Cryptography API.
>
>
>
> List of changes:
>
>
>
> - The Working Group implemented an extensibility mechanism.
>
>
>
> "Extension specifications will be explicitly listed in the
> specification
>
> - list to be updated with Errata. No longer possible to completely override existing algorithms. New hash algorithms can be added. EC curve extensibility intended to allow a variety of new curves, not just those that align with NIST ones."
>
>
>
> http://lists.w3.org/Archives/Public/public-webcrypto/2014Oct/0167.html

>
>
>
> - The Working Group also had a very large discussion of how to add additional elliptic curves.
>
>
>
> "The WG will not decide which additional curve to integrate before IETF/CFRG share its recommendation. Once this recommendation shared, based on timing constraint, algorithm maturity, the WG will make decision about integrating the curves, in accordance with the extensible mechanism the WG will decide, according to bug 25618 [0]. In case IETF/CFRG does not share recommendation before the Web Crypto API move to Proposed Recommendation, there will be no curve added.
>
>
>
>           The Web Crypto will exit Last Call without any mention to those algorithms, without any provisioned place holder, but an editorial note stating that 'some new curves may be added if IETF/CFRG issue recommendations and that curves description are mature and complete enough to be referenced in our deliverables before we move to Proposed Recommendation. In that special case, the specification would go back to Last Call'
>
>
>
>           If IETF/CFRG does not give any recommendation before we move to Proposed Recommendation, we will not integrate any new curve in our Web Crypto API current specification, and this will be done in the next version of our deliverables.
>
>
>
>           A liaison will be sent to IETF/CFRG exposing that situation.
>
>
>
> Note that this resolution does not prevent anyone to share with the Working Group some draft describing NUMS or 25519 curves, in line with the extension mechanism to be described in bug 25618 [0]. This resolution prevents someone asking to make decision about formal endorsement of a new curve, between the exit to Last Call and the move to Proposed Recommendation milestones, if the IETF/CFRG has not yet issued its own recommendation."
>
>
>
> http://lists.w3.org/Archives/Public/public-webcrypto/2014Sep/0011.html

>
>
>
> - Browser interoperability to be defined during CR
>
>
>
> Based on the exchanges related to this bug, one possible way to move
> forward is to define a browser profile after interoperability testing
> is conducted with different implementations. This browser profile
> should describe the exact behavior of the browser in case part of the
> algorithms are not available, or partially available, or disabled by
> the user. As such it is required to treat that bug once
> implementations have been demonstrated, which means after the call for
> implementation
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25985

>
>
>
> 8 Requirements
>
>
>
> The requirements for this specification has not changed since the publication of the Last Call Working Draft. In light of the charter, the Web Cryptography API fulfills all the requirements for primary features, although key "control beyond the lifetime of a single session" has been reduced by making keys bound to a single session due to privacy reasons.
>
> In terms of secondary features, only "key import/export" have been addressed. The rest of the secondary features are left for possible future work in this Working Group or another Working Group.
>
>
>
> 9 Dependencies
>
>
>
> This specification has dependencies on one W3C specification that is not yet a W3C Candidate Recommendation; that document is the DOM (Living Standard) from WHATWG. As soon as W3C DOM4 goes to Candidate Recommendation, as noted in the specification, the dependency will change to W3C DOM4.
>
>
>
> 10 Evidence of Wide Review
>
>
>
> 58 reviewers have been received on this document via the Bugzilla tracking system during the Last Call Review period.  Comments received on the mailing list were re-directed into the Bugzilla. The vast majority of the comments came from outside of the Working Group. Every group listed in the charter was contacted for review. The specification also had review by the W3C TAG and Privacy Interest Group.
>
>
>
> 11 Disposition of comments
>
>
>
> The Last Call review period for this document closed on 20 May 2014.
>
> Each comment received before the 20 May 2014 end of the comment period has been formally addressed by the Working Group; details for each comment are shown in the Bugzilla entry for that comment. The Working Group has attempted in all cases to procure an affirmative response from each commenter that the comment has been resolved satisfactorily. The Disposition of Comments is available here:
>
>
>
> http://www.w3.org/2012/webcrypto/DispositionOfComments/WebCryptoDispos

> itionOfComments.html
>
>
>
> Due to the continued work of the Working Group to resolve open issues brought up in Last Call, a further 37 bugs were created and resolved.
>
> These bugs are also listed in the Disposition of Comments for informative purposes in a secondary section.
>
>
>
> 12 Features At Risk
>
>
>
> All algorithms in this document that has been designated as "at risk". A "browser profile" will be created during CR to clarify the status of interoperability between algorithms.
>
>
>
> There is a current dependency with IRTF CFRG for the addition of a new "non-NIST" elliptic curve or curves, as the CFRG is supposed to give a recommendation for such curves to the IETF TLS WG. However, as these curves have yet to be recommended and the deadline by CFRG may change, the WebCrypto WG will make a decision on how to implement these via either direct inclusion or the extension mechanism once the CFRG decision has been announced.
>
>
>
> 13 Exit Criteria
>
>
>
> The chair and team contact agreed that the Candidate Recommendation
> stage for this document will remain in effect until at least 12 March
>
> 2015 (if the CR document is published as planned on 11 December 2014).
>
> They have also agreed that transition to Proposed Recommendation will not be requested until the following criteria have been met:
>
>
>
> (1) There are at least two independent implementations of the
> specification
>
> (2) There are no open substantive bugs or issues
>
> (3) Every external comment has been responded to satisfactorily
>
>
>
> 14 Objections
>
>
>
> There have been two formal objections raised against this document since their publication as Last Call Working Drafts. In both cases, the objection was resolved.
>
>
>
> (1) The first formal objection required the lack of security guidelines for developers by Rich Salz (Akamai, but formal objection as an individual).
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25607

>
>
>
> It was resolved by writing security guidelines and then sending the guidelines to the CFRG. The CFRG may maintain the document and then Web Cryptography API will point to it. The draft document is here:
>
>
>
> http://www.w3.org/2012/webcrypto/draft-irtf-cfrg-webcrypto-algorithms-

> 00.txt
>
>
>
> The response by the review shows that they accepted the response:
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25607#c33

>
>
>
> (2) The second formal objection was over the extractability of private key material. Although the use-cases were not traditional Web use-cases as "end to end" encryption with a possibly malicious server is not handled by the Web Security Model, the use-case was accepted by some members of the Working Group as valid but also should be in-scope of the Web Application Security Working Group, not the Web Cryptography Working Group.
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25721

>
>
>
> While the original non-W3C member reviewer who raised the formal objection did not respond, a second non-W3C member reviewer who also (Tom Lowenthal) accepted the response.
>
>
>
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25721#c34

>
>
>
> See the Disposition of Comments for further details.
>
>
>
> http://www.w3.org/2012/webcrypto/DispositionOfComments/WebCryptoDispos

> itionOfComments.html
>
>
>
> 15 Test Suite
>
>
>
> A unified test suite for the Web Cryptography API has not been developed. However, the API has already been implemented and the tests are available from:
>
>
>
> http://dxr.mozilla.org/mozilla-central/search?tree=mozilla-central&q=p

> ath%3Adom%2Fcrypto%2Ftest&redirect=true
>
>
>
> as are the tests from Google
>
> https://code.google.com/p/chromium/codesearch#chromium/src/content/tes

> t/data/webcrypto/
>
> and
>
> https://code.google.com/p/chromium/codesearch#chromium/src/content/chi

> ld/webcrypto/test/
>
>
>
> and Webkit
>
> http://trac.webkit.org/browser/trunk/LayoutTests/crypto

>
>
>
> The focus of the CR phase will be to unify these diverse test-suites into a single test-suite to make sure Web developers can depend on the Web Cryptography API being interoperable. We believe the 3 months needed for CR are sufficient for this purpose.
>
>
>
> 15 Patent disclosures
>
>
>
> The patent disclosure pages at the URLs shown below indicate no exclusions and no disclosures for any documents in this group.
>
>
>
>   http://www.w3.org/2004/01/pp-impl/54174/status

>
> ________________________________
> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
>


--
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office) Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613 (mobile)

________________________________
 This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Wednesday, 10 December 2014 17:18:40 UTC