RE: Transition to PR: New "Proposed Algorithm" note for algorithms without interop (and Curve 25519 from CFRG) from GALINDO Virginie on 2015-10-12 (public-webcrypto@w3.org from October 2015)

From: GALINDO Virginie <Virginie.Galindo@gemalto.com>
Date: Mon, 12 Oct 2015 16:02:13 +0000
To: Ryan Sleevi <sleevi@google.com>, Harry Halpin <hhalpin@w3.org>
CC: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <540E99C53248CE468F6F7702588ABA2A0115B2109B@A1GTOEMBXV005.gto.a3c.atos.net>

Harry, Ryan,
On Curve 25519.
I hear to different perceptions of the situation with respect with the readiness of CFRG recommendations for algorithms. I suggest we discuss that during our call tonight and do not make decision or call for consensus before we have the elements in hands.
Regards,
Virginie

From: Ryan Sleevi [mailto:sleevi@google.com]
Sent: lundi 12 octobre 2015 17:52
To: Harry Halpin
Cc: public-webcrypto@w3.org
Subject: Re: Transition to PR: New "Proposed Algorithm" note for algorithms without interop (and Curve 25519 from CFRG)

On Sun, Oct 11, 2015 at 6:29 PM, Harry Halpin <hhalpin@w3.org<mailto:hhalpin@w3.org>> wrote:
WebCrypto Working Group,

We still have two formal objections that we have to prove are properly
resolved to progress out of Candidate Recommendation phase and
algorithms in the spec have to show interoperable implementation to get
out CR.

So as part of our transition to we have is that some algorithms are
going to removed, including some we might add back in shortly like
RSA-PSS. However, as part of the effort we would like to take all
algorithms that cannot demonstrate interoperability between two
different browser teams from the Candidate Recommendation. Rather than
have the text lost, as it is likely some of these will be added back to
the spec (like RSA-PSS), I propose that we add this to a "Proposed
Algorithms" document that will be published as a Working Group Note. It
will have no normative status and in the Working Group Note we can
outline the criteria we will use to add specifications to the Working
Group. Is the WG OK with this?

It is unclear the value of this, other than perhaps some process working flow?

There was lots of comments over the lack of support for "non-NIST"
elliptic curve cryptography. We resolved to eventually inlcude in our
Recommendation whatever elliptic curves were recommended by the IRTF
CFRG [1]. Note that since then the CFRG has recommended Curve 25519 for
DH and for signatures. So  I would further add Trevor Perrin's text for
Curve 25519 [2]  support to this "Proposed Algorithms" Note as well if
he has time to update it and the editors and WG can check his description.

I do not, and the CFRG's recommendation is still without final consensus on spec that would be necessary before finalizing such text.

A Proposed Note suffers from the same issues of CR/PR, namely, that it's perceived as frozen in time (even though the web never freezes), so given that we know it's not in a place to be frozen, it's unclear how to reconcile that.

I would like to propose a call for consensus on this proposal at our
next meeting, and can discuss it on tomorrow's teleconference if there
is any questions.

Our workmode is that we reach consensus on the mailing lists, as has been repeatedly established :)
________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Monday, 12 October 2015 16:02:45 UTC