Re: WebRTC Certificate Management - a plea to NOT use Web Crypto

Moving conversation to public-webcrypto-comments@w3.org since it seems I am not allowed to post to public-webcrypto@w3.org


> On Dec 24, 2014, at 10:41 AM, Cullen Jennings <fluffy@cisco.com> wrote:
> 
> 
> Developing two uncoordinated sets of crypto APIs for browsers sounds like a bad idea in the long term. It's hard enough to get one right.
> 
> If the webcryto stuff we have today can't meet the needs to many major uses cases - and I view WebRTC and one of them -  then I think we need to step back and rethink the API and figure out to get to a common crypto API that can. 
> 
> A good starting point might be to have a joint call and explain what the webrtc guys are trying to accomplish as a use case and tease out some better requirements from a webcrypto point of view and then see how well things align. That might help deal with what to with things like your Req #6 which I suspect is not a short requirement for  webrtc but it somewhere we want to go long term. I think that would also make it much easier for everyone to start thinking about what's need and if what you proposed in your email would work well. 
> 
> 
> 
> 
> 
> 

Received on Wednesday, 24 December 2014 18:00:42 UTC