[Bug 25607] Need to advise authors about security considerations from bugzilla@jessica.w3.org on 2014-07-28 (public-webcrypto@w3.org from July 2014)

From: <bugzilla@jessica.w3.org>
Date: Mon, 28 Jul 2014 15:46:01 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25607-7213-Kr31P7Evvm@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25607

--- Comment #32 from Harry Halpin <hhalpin@w3.org> ---
Rich Salz and others,

   We think, given that the Working Group may have a finite lifespan and the
crytographic landscape does indeed change, that the CFRG would be the right
place to maintain the security considerations per algorithm.

   I would propose that once a suitable document is created as an IETF RFC, it
would then be linked to the Web Crypto spec, with appropriate text to encourage
developer to read the RFC. 

 Would an informational RFC, based on Graham and Rich's analysis but maintained
by the CFRG, on security considerations per algorithm satisfy this comment
without formal objection? 

      cheers,
          harry

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Monday, 28 July 2014 15:46:02 UTC