- From: Harry Halpin <hhalpin@w3.org>
- Date: Mon, 28 Sep 2015 17:34:48 -0400
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <5609B278.6030509@w3.org>
Thanks to Wendy Seltzer, we now have a link to the properly formatted HTML: http://www.w3.org/2015/09/28-crypto-minutes.html On 09/28/2015 04:56 PM, Harry Halpin wrote: > Myself or Wendy will try to send a properly formatted out version > before next meeting. However, for those that want the raw minutes now, > here they are! > > chair: Virginie > scribe: hhalpin > present: vijay, markw, jyates, kodong, mikepie_msft > > [16:24] ==hhalpin changed the topic of #crypto to: WebEx: +16173240000 > code: 649 188 250 password: w3c (if needed > [16:25] <virginie> > https://lists.w3.org/Archives/Public/public-webcrypto/2015Sep/0028.html > [16:25] <hhalpin> chair: Virginie > [16:25] <hhalpin> scribe: hhalpin > [16:25] <hhalpin> Virginie: Objective of the call is to have > discussion with browser profile > [16:25] <hhalpin> ... and then make edits to the spec > [16:28] <hhalpin> No implementations: RSA-PSS, AES-CMAC, AES-CFB, CONCAT > [16:28] <hhalpin> Probably keep them since there are two different > teams: DH, CONCAT, HKDF, PBDKDF2 > [16:29] <hhalpin> Delete algorithms with no implementation, and keep > onces with at least two different *teams* who made implementation even > if they only work on one platform. > [16:30] <hhalpin> So we'd give MarkW an action to remove RSA-PSS, > AES-CMAC, AES-CFB, CONCAT > [16:31] <hhalpin> The browser profile seems stable: RSASSA-PKCS1-v1_5, > RSA-OAEP, AES-CBC, AES-GCM, AES-KW, HMAC, SHA-256, SHA-384, SHA-512 > [16:33] <hhalpin> markw: We should ask to see if browser profiles and > if there's fundamental reason why some will never be implemented > [16:33] <hhalpin> vijay: I'll be sad to see RSA-PSS and PBKDF2 go > [16:33] <hhalpin> hhalpin: We can keep PBKDF2 > [16:34] <hhalpin> vijay: I'd hazard a guess that RSA-PSS is just not > widely implemented yet in various libraries > [16:34] <hhalpin> ... its in Windows OS in underyling platform but > we're not ready > [16:34] <hhalpin> markw: How about AES-CTR? > [16:35] <hhalpin> hhalpin: it's kept but we don't expose it since > there's two platforms > [16:35] <hhalpin> vijay: We've had a debate in terms of AES-CTR since > lots of people don't have underlying security properties > [16:35] <hhalpin> markw: I could have a use-case AES-CTR and you have > media files encrypted with AES counter and you wan't to described, so > you'd need AES-CTR > [16:35] <hhalpin> markw: That's abstract rather than something we > necessarily want to do > [16:36] <hhalpin> virgine: Markw, we have to demonstrate several > implementations > [16:36] <hhalpin> ... we cannot negotiate > [16:37] <virginie> Action for editor to remove : RSA-PSS, AES-CMAC, > AES-CFB, CONCAT > [16:37] * trackbot is creating a new ACTION. > [16:37] <trackbot> Error finding 'for'. You can review and register > nicknames at <http://www.w3.org/2012/webcrypto/track/users> > <http://www.w3.org/2012/webcrypto/track/users%3E>. > [16:37] <@wseltzer_transit> [we can even leave the text as > non-normative notes] > [16:38] <hhalpin> virginie: How do we proceed to capture the reality > of implementations > > [16:39] <hhalpin> ack hhalpin > [16:40] <hhalpin> hhalpin: Someone needs to craft a paragraph, > probably before the algorithm section, that says what algorithms are > implemented across all browsers with the best implementation. > [16:42] <hhalpin> Virginie: I can try to write this paragraph, but how > do we keep it updated? > [16:43] <hhalpin> We can just refer to the time-stamp of the spec, and > then update as the spec matures. We can try to check once a year, and > if there's major changes in algorthm support we can do a co-edited CR. > [16:43] <hhalpin> Virginie: Any alternatives? > [16:45] <hhalpin> Vriginie: If we make call for consensus for the plan > October 13th > [16:46] <hhalpin> ... call with management beginning of November > [16:46] <hhalpin> and then we'd try to transition out of CR and into > PR into November at some point > [16:47] <hhalpin> virginie: A phone call one week prior to TPAC Monday > the 19th > [16:47] <hhalpin> 20 UTC > [16:47] * hhalpin I'll double-check WebEx > [16:48] <mikepie_msft> thanks. bye >
Received on Monday, 28 September 2015 21:34:49 UTC