Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10 March 2013 01:25, Tony Arcieri wrote: > On Sat, Mar 9, 2013 at 4:16 PM, Jeffrey Walton wrote: >> >> The Web Cryptography Working Group looks well organized, provides a >> very good roadmap, and offers good documentation. >> http://www.w3.org/2012/webcrypto/. > > for example they recommend C

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10 Mar 2013, at 10:51, Ben Laurie wrote: On 10 March 2013 01:25, Tony Arcieri mailto:tony.arci...@gmail.com>> wrote: On Sat, Mar 9, 2013 at 4:16 PM, Jeffrey Walton mailto:noloa...@gmail.com>> wrote: The Web Cryptography Working Group looks well organized, provides a very good roadmap, and o

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10 March 2013 01:57, Ryan Sleevi wrote: > Finally, the recommendations are for what implementations should support. > There is not any mandatory to implement suite at this point. Instead, it's > looking at what are the algorithms in vast, sweeping use today in a number > of protocols and applic

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10 March 2013 10:58, Paterson, Kenny wrote: > > On 10 Mar 2013, at 10:51, Ben Laurie wrote: > > On 10 March 2013 01:25, Tony Arcieri wrote: > > On Sat, Mar 9, 2013 at 4:16 PM, Jeffrey Walton wrote: > > > The Web Cryptography Working Group looks well organized, provides a > > very good roadmap

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10 Mar 2013, at 11:01, Ben Laurie wrote: > On 10 March 2013 10:58, Paterson, Kenny wrote: >> >> >> Right here: http://www.w3.org/TR/WebCryptoAPI: > > Somehow missed that. Thanks. > >> 19.1. Recommended algorithms >> >> This section is non-normative >> >> As the API is meant to be exten

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

Ryan Sleevi writes: > What use case makes the "NaCl" algorithms (whose specification is merely > 'use NaCl', which boils down to "Use Salsa+Curve25519") worthwhile? Here's the abstract of "The security impact of a new cryptographic library" (http://cr.yp.to/highspeed/coolnacl-20120725.pdf): Th

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

Everyone's got some negatives to say, drawing from their huge experience of how they do things, and things they've read from books, and things that powerful communities have proselytised over the short ages of public domain crypto. Unfortunately, we're not at the point, as a community, of sayi

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On Sun, Mar 10, 2013 at 12:20 PM, D. J. Bernstein wrote: > Ryan Sleevi writes: > > What use case makes the "NaCl" algorithms (whose specification is merely > > 'use NaCl', which boils down to "Use Salsa+Curve25519") worthwhile? > > > Of course, this doesn't imply that NaCl is what developers want

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On 10/03/13 20:25 PM, yersinia wrote: On Sun, Mar 10, 2013 at 12:20 PM, D. J. Bernstein mailto:d...@cr.yp.to>> wrote: Ryan Sleevi writes: > What use case makes the "NaCl" algorithms (whose specification is merely > 'use NaCl', which boils down to "Use Salsa+Curve25519") worthwh

Re: [cryptography] Web Cryptography API (W3C Working Draft 8 January 2013)

On Sun, Mar 10, 2013 at 6:58 PM, ianG wrote: > On 10/03/13 20:25 PM, yersinia wrote: > >> On Sun, Mar 10, 2013 at 12:20 PM, D. J. Bernstein > > wrote: >> >> Ryan Sleevi writes: >> > What use case makes the "NaCl" algorithms (whose specification is >> merely >>