- From: Mark S. Miller <erights@google.com>
- Date: Sun, 13 Feb 2011 22:12:53 -0800
[+benl, +shabsi, +frantz, +daw] On Sun, Feb 13, 2011 at 6:37 PM, Boris Zbarsky <bzbarsky at mit.edu> wrote: > On 2/13/11 8:22 PM, Adam Barth wrote: > >> It seems likely that window.crypto will continue to grow more quality >> cryptographic APIs, not all of which will be appropriate at the >> ECMAScript level. >> > > Sure; the question is whether this _particular_ API would be more > appropriate at the language level. Or more to the point, if the language > plans to grow it anyway, do we need two APIs for it? > > It's worth at least checking with the ES folks whether they plan to add a > API like this (something that fills in an array of bytes with > cryptographically strong random values) in any sort of short-term timeframe. > Thanks for checking. The answer is yes. I'm scheduled to start a discussion of <http://wiki.ecmascript.org/doku.php?id=strawman:random-er> at either the upcoming March or May meetings. Currently random-er is on the agenda for May but I may swap it into March. As you can tell, this page is currently only a placeholder. I have also talked just a bit with Shabsi Walfish, Ben Laurie, David Wagner, and Bill Frantz, all cc'ed, about the possibility of a real crypto API for EcmaScript. With the sole exception of randomness, I believe that we should handle this the same way we're handling i18n -- as a separate working group within tc39 (the EcmaScript committee) working on a separate standard library in a separate standards document. The reason to make an exception for random-er is that it's the only fundamental omission. Given a decent random-er, everything else can be done initially in JS. > > -Boris > _______________________________________________ > es-discuss mailing list > es-discuss at mozilla.org > > https://mail.mozilla.org/listinfo/es-discuss > -- Cheers, --MarkM
Received on Sunday, 13 February 2011 22:12:53 UTC