[cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

Ben Laurie ben at links.org
Sun Mar 10 07:01:58 EDT 2013


On 10 March 2013 10:58, Paterson, Kenny <Kenny.Paterson at rhul.ac.uk> wrote:
>
> On 10 Mar 2013, at 10:51, Ben Laurie wrote:
>
> On 10 March 2013 01:25, Tony Arcieri <tony.arcieri at gmail.com> wrote:
>
> On Sat, Mar 9, 2013 at 4:16 PM, Jeffrey Walton <noloader at gmail.com> wrote:
>
>
> The Web Cryptography Working Group looks well organized, provides a
>
> very good roadmap, and offers good documentation.
>
> http://www.w3.org/2012/webcrypto/.
>
>
> for example they recommend CBC mode which is fraught with
>
> problems.
>
>
> Where?
>
>
> Right here:  http://www.w3.org/TR/WebCryptoAPI:

Somehow missed that. Thanks.

> 19.1. Recommended algorithms
>
> This section is non-normative
>
> As the API is meant to be extensible in order to keep up with future
> developments within cryptography and to provide flexibility, there are no
> strictly required algorithms. Thus users of this API should check to see
> what algorithms are currently recommended and supported by implementations.

So ... despite Ryan's claim that the recommendations are for API
implementers, it says here that they're also for users of the API.

In which case, clearly, AE modes should be recommended.

> However, in order to promote interoperability for developers, there are a
> number of recommended algorithms. The recommended algorithms are:
>
> HMAC using SHA-256
> RSASSA-PKCS1-v1_5 using SHA-256
> ECDSA using P-256 curve and SHA-256
> AES-CBC



More information about the cryptography mailing list