- From: Richard Barnes <rlb@ipv.sx>
- Date: Tue, 6 Oct 2015 14:10:06 -0400
- To: Ryan Sleevi <sleevi@google.com>
- Cc: Eric Roman <ericroman@google.com>, GALINDO Virginie <Virginie.Galindo@gemalto.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
On Tue, Oct 6, 2015 at 1:41 PM, Ryan Sleevi <sleevi@google.com> wrote: > Correct, and I believe Richard was looking at getting someone to implement > it for Mozilla 'real soon'; there was just some additional NSS API work that > had to happen before they could expose it to WebCrypto, and Firefox's > underlying cryptographic library supports it with one or two tweaks. Yes, we are working on this in Q4. I would oppose removing RSA-PSS from WebCrypto. Note also that RSA-PSS is a requirement for TLS 1.3. --Richard > > On Tue, Oct 6, 2015 at 10:32 AM, Eric Roman <ericroman@google.com> wrote: >> >> The meeting notes say that there are no implementations of RSA-PSS: >> > No implementations: RSA-PSS, AES-CMAC, AES-CFB, CONCAT >> >> Note that is not correct -- at least the Chrome browser implements RSA-PSS >> >> >> On Tue, Oct 6, 2015 at 10:20 AM, GALINDO Virginie >> <Virginie.Galindo@gemalto.com> wrote: >>> >>> Dear all, >>> >>> >>> >>> Following our last meeting call, we decided to remove from the normative >>> part of our specification the following algorithms for not being implemented >>> in at least 2 of the platform tested : RSA-PSS, AES-CMAC, AES-CFB, CONCAT, >>> DH. Detailed discussion can be found under >>> http://www.w3.org/2015/09/28-crypto-minutes.html. >>> >>> >>> >>> This mail is a call for consensus to validate that decision. >>> >>> >>> >>> Anyone objecting to that decision should make his motivated point before >>> the 20th of October at 17:00 UTC. >>> >>> If this decision is endorsed, the algorithms descriptions will be >>> gathered in a dedicated Note. >>> >>> >>> >>> Regards, >>> >>> Virginie >>> >>> Chair of the web crypto WG >>> >>> >>> >>> //please ignore the following statement >>> >>> ________________________________ >>> This message and any attachments are intended solely for the addressees >>> and may contain confidential information. Any unauthorized use or >>> disclosure, either whole or partial, is prohibited. >>> E-mails are susceptible to alteration. Our company shall not be liable >>> for the message if altered, changed or falsified. If you are not the >>> intended recipient of this message, please delete it and notify the sender. >>> Although all reasonable efforts have been made to keep this transmission >>> free from viruses, the sender will not be liable for damages caused by a >>> transmitted virus. >> >> >
Received on Tuesday, 6 October 2015 18:10:34 UTC