[Bug 25618] Extensibility: Offer spec-blessed ways to extend the algorithms and curves, rather than monkey-patching the spec from bugzilla@jessica.w3.org on 2014-10-09 (public-webcrypto@w3.org from October 2014)

From: <bugzilla@jessica.w3.org>
Date: Thu, 09 Oct 2014 15:28:13 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25618-7213-bQ5PbJV4KR@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25618

--- Comment #37 from Brian LaMacchia <bal@microsoft.com> ---
Using Boris's S1/S2 notation, two points to keep in mind:

1) The desire for S2 often happens later than S1 is implemented, in particular
when there's a new cryptographic attack against an algorithm or protocol
construction.  So it's not "I want to ship S1 and not S2" as much as "I want to
ship S1 and have the flexibility to add a new hash algorithm/elliptic
curve/KDF/padding mode/whatever in some scenario quickly without needing to
reopen S1".

2) As I've said before, this spec is going to be implemented by clients other
than browsers.  You need to think about the WebCrypto spec as the crypto
platform API for JavaScript, wherever that JS runs. 

--bal

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Thursday, 9 October 2014 15:28:15 UTC