[Bug 27471] New: Provide even more informative text over key wrapping? from bugzilla@jessica.w3.org on 2014-11-30 (public-webcrypto@w3.org from November 2014)

From: <bugzilla@jessica.w3.org>
Date: Sun, 30 Nov 2014 21:11:02 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-27471-7213@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=27471

            Bug ID: 27471
           Summary: Provide even more informative text over key wrapping?
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: hhalpin@w3.org
                CC: public-webcrypto@w3.org

Just noting that I removed the following pre-CR from Section 14, as we have I
believe resolved that we cannot address execution environment level issues in
this spec after very long debate. That being said, informative text that
clarifies that unwrapping unextractable trees are hard to guarantee without
special treatment that is not to be normatively expected from the text (but
could be provided by implementations in theory) might be useful. I also removed
the reference from the example. 

Or we could just keep the remark deleted. 

REMOVED: 

Editorial note:

ISSUE-35:

              The specification for wrapKey/unwrapKey does not specify how
authors that do not trust  the execution environment may indicate required
attributes for keys that are unwrapped. An example is unwrapping a key with a
non-extractable key, marking  the newly unwrapped key as non extractable, and
then further indicating that all keys unwrapped with the newly unwrapped key
are also non-ex

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Sunday, 30 November 2014 21:11:03 UTC