- From: <bugzilla@jessica.w3.org>
- Date: Fri, 10 Oct 2014 15:43:33 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25618 --- Comment #50 from Harry Halpin <hhalpin@w3.org> --- Domenic, I believe the issue you reference is *not* there should be no extension specs. To be precise, the issue is: *Improve Errata Management*. "For reasons of process and practice, W3C working groups do not necessarily issue errata in an expeditious fashion. We should fix the W3C Process so that it encourages groups to consistently issue errata. We should also explore Best Practices that groups could adopt to improve their handling of this issue." I agree with that. I would of course be happy to add errata to the spec pointing to any extensions that have made through the W3C process. However, currently the Web Crypto spec does *not* have a mandatory-to-implement list of algorithms. You have two options here: 1) All algorithms are mandatory to implement. Thus, developers know exactly what algorithms to implement and there are no extensions. 2) Some or no algorithms are mandatory to implement. Then, there may be extensions. Ryan has switched his position from 2) to 1). In particular, for the case of 1) there is no way to add Curve 25519 to the spec without having all browsers implement it and re-opening Last Call. So, you gotta chose - logically you can't have 2) and then not allow extension specs (and yes, extension specs could be mentioned in errata and be easily discoverable). Microsoft has already chosen 2). I'd like to know what Google's position is, not you with a TAG hat or Ryan's personal position. -- You are receiving this mail because: You are on the CC list for the bug.
Received on Friday, 10 October 2014 15:43:35 UTC