[Bug 25706] New: Incomplete Key Generation Definitions from bugzilla@jessica.w3.org on 2014-05-14 (public-webcrypto@w3.org from May 2014)

From: <bugzilla@jessica.w3.org>
Date: Wed, 14 May 2014 12:01:40 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25706-7213@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25706

            Bug ID: 25706
           Summary: Incomplete Key Generation Definitions
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: kelsey.cairns@inria.fr
                CC: public-webcrypto@w3.org

For the AES algorithms and HMAC, the key generation step does not go into any
more detail than "generate a key." If there is some intended method to generate
a key, it should be specified. Similarly, if the underlying mechanism is
intentionally unspecified I think it would be good to clearly state that
somewhere. A quick search didn't yield anything and the discussions in the
section on random number generation (including the note that the random number
generator should not be used for keys) were also not helpful.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 14 May 2014 12:01:42 UTC