- From: Ryan Sleevi <sleevi@google.com>
- Date: Mon, 5 Oct 2015 10:52:22 -0700
- To: Eric Roman <ericroman@google.com>
- Cc: Harry Halpin <hhalpin@w3.org>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Received on Monday, 5 October 2015 17:52:54 UTC
Its use in a wide variety of protocols that one might want to implement in JS is somewhat suspect (c.f. the DH attacks in TLS resulting in the negotiated-dh) - much like PKCS#1v1.5 encryption. It's markedly slower than the elliptic curve counterpart. And not to mention the keysystem attacks in static/ephemeral negotiations (note: not ephemeral/ephemeral) We've seen no demand for it, no use cases that can't otherwise be met, and are already in the process of deprecating DHE elsewhere (e.g. in TLS). So we have no plans to implement at this time. On Mon, Oct 5, 2015 at 9:41 AM, Eric Roman <ericroman@google.com> wrote: > On Mon, Oct 5, 2015 at 9:10 AM, Harry Halpin <hhalpin@w3.org> wrote: > >> On 10/05/2015 12:08 PM, Eric Roman wrote: >> >> Chrome is not planning to implement DH: >> https://code.google.com/p/chromium/issues/detail?id=438391 >> >> >> Any reason why? >> >> It seems relatively stable. >> > > Ryan, can you comment on the specifics? > > >> yours, >> harry >> >> >> On Mon, Oct 5, 2015 at 8:45 AM, Harry Halpin <hhalpin@w3.org> wrote: >> >>> Is there any plans from Microsoft or Google's side to support >>> Diffie-Hellman key exchange? >>> >>> It's implemented by Mozilla and seems to be a well-known primitive that >>> should, in general, be supported as its used in a wide variety of >>> protocols one might want to implement in Javascript. >>> >>> yours, >>> harry >>> >>> >>> >>> >> >> >
Received on Monday, 5 October 2015 17:52:54 UTC