Mail list archives & formatting of messages from Ryan Sleevi on 2014-02-24 (public-webcrypto@w3.org from February 2014)

From: Ryan Sleevi <sleevi@google.com>
Date: Mon, 24 Feb 2014 12:11:30 -0800
To: Jim Schaad <ietf@augustcellars.com>
Cc: Mark Watson <watsonm@netflix.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CACvaWvZtOGg3xNG_8spXitZAnAwds0hB2pM1YS7_RQdTjpM91Q@mail.gmail.com>

On Mon, Feb 24, 2014 at 11:47 AM, Jim Schaad <ietf@augustcellars.com> wrote:

>
>
>
>
> *From:* Mark Watson [mailto:watsonm@netflix.com]
> *Sent:* Monday, February 24, 2014 10:06 AM
> *To:* Jim Schaad
> *Cc:* Ryan Sleevi; public-webcrypto@w3.org
> *Subject:* Re: Diffie-Hellman question
>
>
>
> So, if the libraries people are using to implement WebCrypto right now
> support only PKCS#3, shouldn't we stick with that for this first version ?
> Just as we have "RSASSA-PKCS1-v1_5" we could have "DH-PKCS3" and later
> introduce X9.42.
>
>
>
> Not supporting a full set of parameters is not acceptable.  The WebCrypto
> implementation can always reduce from the X9.42 parameters to PKCS#3
> internally if it needs to.
>
>
>
> That would mean that in this version we would not be able to support
> export except in raw format. I would then suggest that we support import
> only in that format too. It's not quite clear what import is for, though,
> except perhaps to enable use of the DH Phase II primitive with a private
> value generated some way other than deriveKey: we would need a
> DhImportParams dictionary to provide the prime and generator. Importing a
> DH public key is useless, because the only think a Key object representing
> a DH public key can be used for is to export the Public Value.
>
>
>
> Again – I do not believe that raw makes any sense for asymmetric
> algorithms.  You always need to have the parameters with the private key
> value.  Before doing a key agreement step, the implementation MUST check
> that both sides have the same set of parameters.
>
>
>
> RAW exists for symmetric algorithms.  Don’t use it for asymmetric
> algorithms
>
>
>
> Jim
>
>
>
>
>
> ...Mark
>
>
>
>
>

Jim,

Can you please configure your email client to use a more reasonable reply
form?

Please see
http://lists.w3.org/Archives/Public/public-webcrypto/2014Feb/0133.html to
see how your replies are entirely lost in the (official) archives.

You can see some of the mail-client gotchas that WebApps has captured at
https://www.w3.org/2008/webapps/wiki/WorkMode#Mail_List_Policy.2C_Usage.2C_Etiquette.2C_etc
.

Received on Monday, 24 February 2014 20:11:57 UTC