- From: Ryan Sleevi <sleevi@google.com>
- Date: Mon, 23 Nov 2015 18:15:46 -0800
- To: Jim Schaad <ietf@augustcellars.com>
- Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Received on Tuesday, 24 November 2015 02:16:56 UTC
On Mon, Nov 23, 2015 at 6:06 PM, Jim Schaad <ietf@augustcellars.com> wrote: > In doing a deep read of the document, I want to verify that the following > is > intended. > > I have modified the example in section 33.1 by removing the "sign" usage > from the set of usages in the generateKey line. > > * A zero-length sequence will pass Web IDL as it is legal > * Section 14.3.6 does not appear to check any of the usages for generateKey > * Section 20.8 says only throw an exception if some usage other than "sign" > or "verify" exists. This is not the case so it will pas step 1 of Generate > Key > * Step 18 of Generate Key will set [[usages]] to [] (intersection of [] and > ["sign"] > -- This means that the generateKey will be successful. > No, See step 8, which checks the [usages] of both a CryptoKey and a CryptoKeyPair to ensure that a private key does not have an empty usages.
Received on Tuesday, 24 November 2015 02:16:56 UTC