- From: <bugzilla@jessica.w3.org>
- Date: Wed, 04 Jun 2014 01:39:00 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839 --- Comment #17 from Ryan Sleevi <sleevi@google.com> --- (In reply to Florian Bender [fbender] from comment #16) > From a security standpoint, would it be possible to provide a JS-implemented > curve via script that the API can use? Assuming this does not compromise the > security goals of the API, that would be a way to work around the issue of > missing curves because anybody can supply its own curve along their crypto > code. Providing polyfills of algorithms is partially supported, as it's part of the JS runtime. However, it's not fully possible to have a perfect polyfill with the current API. For example, if you unwrap a key, it's going to call the 'native' importKey, which as a result, will avoid any prototype overloading / method shadowing that you have done. So "yes and no" -- You are receiving this mail because: You are on the CC list for the bug.
Received on Wednesday, 4 June 2014 01:39:02 UTC