[W3C Web Crypto WG] suggested resolution for bug 25607 related to security recommendation

Dear all,

Here is a proposed resolution for the bug 25607 related to  security recommendation : https://www.w3.org/Bugs/Public/show_bug.cgi?id=25607
As mentioned by Wendy [1], it looks like a doc owned by IETF/CFRG could maintain the list of attacks on our referenced algorithms.



Suggested resolution :

The WG to resolve the bug 25607 by (1) endorsing clarifications from the recent editors draft and (2) referencing to a document listing algorithms attacks and vulnerabilities, maintained by IETF CFRG (to be added in the specification by the editors as soon as available).



This resolution will be submitted to WG participants vote during our call next Monday as announced over the mailing list [2]



Regards,

Virginie





[1] http://lists.w3.org/Archives/Public/public-webcrypto/2014Jul/0098.html

[2] http://lists.w3.org/Archives/Public/public-webcrypto/2014Jul/0016.html


(please ignore statement below)

________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Friday, 25 July 2014 21:29:29 UTC