Last Call for Web Crypto API

Dear all,

The Web Crypto Working Group has published  a Last Call working draft of the Web Crypto API specification  today, 25th March 2014 [1] and requests review comments from the following groups : Web Applications WG, HTML WG, Web App Sec and TAG. We are also interested in comments from others, obviously.

The draft is available here : http://www.w3.org/TR/2014/WD-WebCryptoAPI-20140325/
The working group believes that the current document answers the requirements expressed as primary features in the Web Crypto WG charter [2]. No formal objection has been raised and no patent disclosure has been made [3].

As a reminder this specification abstract is :
This specification describes a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption. Additionally, it describes an API for applications to generate and/or manage the keying material necessary to perform these operations. Uses for this API range from user or service authentication, document or code signing, and the confidentiality and integrity of communications.

We are currently debating the best way to manage JWK keys and expecting specific comments on that from you and developers community. 3 issues are still open, but might not impact our fulfill requirements of the charter, see http://www.w3.org/2012/webcrypto/track/issues/open.

The Last Call period ends 20 of May 2014 (8 weeks) - please send comments to the Web Crypto WG public mailing list public-webcrypto-comments@w3.org with "[last call feedback]" at the start of the Subject line.

Thanks,
Virginie Galindo
Chair of the Web Crypto WG
Gemalto

[1] Minutes of the call where Last Call was decided  http://www.w3.org/2014/03/10-crypto-minutes.html
[2] W3C Web Crypto WG charter http://www.w3.org/2011/11/webcryptography-charter.html
[3] http://www.w3.org/2004/01/pp-impl/54174/status


This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus

Received on Tuesday, 25 March 2014 15:36:59 UTC