[Bug 26080] Remove unsafe named curves from Web Crypto API

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26080

--- Comment #2 from Ryan Sleevi <sleevi@google.com> ---
(In reply to Greg Slepak from comment #0)
> In reference to, and as part of the recommendation received in, bug 25839,
> I'm creating this issue to request that:
> 
> 1. The curves that are listed as unsafe in [1] be removed from the Named
> Curves.

Presumably, [1] is http://safecurves.cr.yp.to/

The statement about "unsafe" is a statement with nuance that is not captured
here. At [1], it's defined in the context of the set of criteria that the
authors set out. Though reasonable, certainly true evaluation criteria, at the
same time, their safety lacks known vulernabilities, and is widely deployed.

There are significant inter-operability reasons to include the curves, least of
all being the curves status within applications like TLS and X.509.

> 2. Safe ones be recommended in their place (like Curve25519)

We'll keep that for Bug 25839

> 3. Should any Named Curves be discovered to be unsafe in the future, that
> they be deprecated and eventually removed from the spec.

That's not going to happen, for the reasons captured (at great length) on
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25985 . That's not how the web
works.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Thursday, 12 June 2014 21:46:44 UTC