See also: IRC log
<virginie> good evening/afternoon cryptoz
<mete> good evening virginie
<wseltzer> trackbot, prepare teleconf
<trackbot> Date: 16 September 2013
<kodonog> zakim aadd is kodonog
<virginie> proposed agenda http://lists.w3.org/Archives/Public/public-webcrypto/2013Sep/0039.html
<wseltzer> scribenick: MichaelH
<trackbot> ACTION-64 -- Ryan Sleevi to Add SEED to WebCrypto API -- due 2012-11-09 -- OPEN
<rsleevi> sorry, having phone difficulties atm
rsleevi: No plans to implement SEED
<arunranga> Correct, no plan to implement SEED in FxOS right now.
rsleevi: SEED bad algorithm
... no likely to be included in Chrome
... just won't put it in
<arunranga> My recommendation is to close this.
rsleevi: proposal to close
<wseltzer> Proposal: close ACTION-64, no implementation expected
<trackbot> ACTION-73 -- Harry Halpin to Ask for a formal review of WebApps and HTML -- due 2013-01-28 -- OPEN
Virginie: Ping back end of this month
<wseltzer> close ACTION-74, expecting to hear back from PING next
<wseltzer> trackbot, close ACTION-74, expecting to hear back from PING next
<trackbot> Sorry, wseltzer, I don't understand 'trackbot, close ACTION-74, expecting to hear back from PING next'. Please refer to <http://www.w3.org/2005/06/tracker/irc> for help.
<wseltzer> trackbot, close ACTION-74
<trackbot> Closed ACTION-74.
<trackbot> ACTION-76 -- Harry Halpin to Schedule call about registry, due 4/15 -- due 2013-03-11 -- OPEN
<trackbot> ACTION-80 -- Karen Lu to Write up use case for the pre-provisioned key discovery use case -- due 2013-04-30 -- OPEN
Virginie: Keep it open
<wseltzer> close ACTION-80
<trackbot> Closed ACTION-80.
<trackbot> ACTION-81 -- Ryan Sleevi to Describe we're not storing key material itself in IDB -- due 2013-04-30 -- OPEN
<wseltzer> close ACTION-81
<trackbot> Closed ACTION-81.
<trackbot> ACTION-82 -- Vijay Bharadwaj to Write sentence about how structured clone relates to different types of key storage and that that key storage may have high-security implications (not in our spec!) -- due 2013-04-30 -- OPEN
Virginie: Ryan do we have anything about cloning
rsleevi: Don't know
<trackbot> ACTION-84 -- Richard Barnes to Vgb and jimsch to discuss key generation/derivation/agreement -- due 2013-05-21 -- OPEN
<wseltzer> close action-84
<trackbot> Closed action-84.
Virginie: Discussion finished?
<trackbot> ACTION-86 -- Richard Barnes to Make a proposal for an explicit auto generation token for IV -- due 2013-05-28 -- OPEN
rsleevi: Yes, close it
<trackbot> ACTION-88 -- Ryan Sleevi to Review syntactic sugar overloads for taking (ArrayBuffer and ArrayBufferView) -- due 2013-04-30 -- OPEN
virginie: Anybody know anything about 86?
<wseltzer> close action-88
<trackbot> Closed action-88.
<trackbot> action-89 -- Ryan Sleevi to And israelh to work more on Streams API in joint with Futures API -- due 2013-04-30 -- OPEN
<arunranga> This one ^^ is open in multiple working groups.
virginie: Is 89 complete?
Israelh: No, more work needed
<trackbot> action-91 -- Mark Watson to Clarify how public/private key pairs are retrieved with respect to naming -- due 2013-05-01 -- OPEN
virginie: OK to close due to two names
<trackbot> ACTION-96 -- Ryan Sleevi to Include statement about web platform in the doc -- due 2013-05-01 -- OPEN
markw: No still open
virginie: Is 96 complete?
<trackbot> ACTION-98 -- Ryan Sleevi to Get review of dictionary/WebIDL problem from TAG and/or WebApps -- due 2013-05-20 -- OPEN
rsleevi: Issue should be resolved, but keep open for now
<wseltzer> close ACTION-98
<trackbot> Closed ACTION-98.
<wseltzer> close ACTION-99
<trackbot> Closed ACTION-99.
<wseltzer> close ACTION-103
<trackbot> Closed ACTION-103.
<trackbot> action-104 -- Mountie Lee to Usability of Web Crypto Key Discovery by Korean banking use case -- due 2013-06-03 -- OPEN
<trackbot> ACTION-105 -- Nick Van Den Bleeken to Usability of Web Crypto Key Discovery by belgium eID use case -- due 2013-06-03 -- OPEN
<trackbot> ACTION-106 -- Virginie GALINDO to Key Discovery - Use Case for multi keys on a single device -- due 2013-07-29 -- OPEN
<wseltzer> close action 106
<trackbot> ACTION-107 -- Harry Halpin to With markw to make sure it goes through WD via W3C TR -- due 2013-07-29 -- OPEN
<wseltzer> close action-107
<trackbot> Closed action-107.
<wseltzer> close action-108
<trackbot> Closed action-108.
<trackbot> ACTION-109 -- Ryan Sleevi to Submit the W3C Web Crypto WG API to public-script-coord -- due 2013-08-15 -- OPEN
virginie: Ryan, improvements made?
<trackbot> ACTION-110 -- Alex Russell to Ask TAG review on Web Crypto API -- due 2013-08-15 -- OPEN
<trackbot> ACTION-111 -- Mountie Lee to Update the Web Certificate API based on comments received by the WG -- due 2013-09-16 -- OPEN
rsleevi: that' correct
<trackbot> ACTION-112 -- Sangrae Cho to Bring in the WG some browser experiment of SOP exception for Web Certificate management -- due 2013-09-16 -- OPEN
<wseltzer> close action-113
<trackbot> Closed action-113.
Most of it!
<wseltzer> [open issues: http://www.w3.org/2012/webcrypto/track/issues/open ]
virginie: Talk about blocking issues
<trackbot> ISSUE-9 -- what will be the mean to integrate in the API the fact that key usage may need user consent ? -- open
virginie: Where are we?
rsleevi: No idea what this means
virginie: User confirms operation
rsleevi: Out of scope
<wseltzer> PROPOSAL: Close ISSUE-9 unless objections raised on-list
<trackbot> ISSUE-10 -- Making sure our API is usable with pure js environement -- open
rsleevi: Early discussions
<jimsch> Issue 9 - want to be able to pass a string from the script to the key access system for dipslay
MichaelH: Does it not still apply
... Korean use case?
virginie: Not going to address
... Issue 9 no conclusion
... Issue 12 no conclusion
<trackbot> ISSUE-28 -- Short-names for algorithms -- open
virginie: Issue 28 As a working group decided to address it
... Should be closed
<wseltzer> PROPOSAL: Close ISSUE-28
<trackbot> ISSUE-32 -- Section 5.2 in API draft should mention use of secure element in the context of key security -- open
virginie: Issue 32 Covered several times
<wseltzer> PROPOSAL: Close ISSUE-32
<trackbot> ISSUE-35 -- Handling of wrap/unwrap operations -- open
virginie: Close by email in coming weeks
... Issue 35 Still pending extract
<trackbot> ISSUE-36 -- Semantics for key generation versus key derivation -- open
virginie: Issue 36 Addressed by Vijay proposal
rsleevi: No directly by Vijay, but combination of propoisals
<trackbot> ISSUE-43 -- Separate method for key agreement -- open
virginie: Issue 43 Related to 74
<trackbot> ISSUE-44 -- Require creation of random IVs by default for CBC, CFB, GCM -- open
virginie: Issue 44 Related to IV
rsleevi: We said close this
virginie: Some topics keeping this open
... Today extractablity
virginie: Anybody having issue?
... Use bugzilla to track
virginie: Clear demand from Netflix for UA to maintain the attribute for special case of JWT
... Microsoft supported this
... Google (ryan) not a fan of proposal
... other people want to comment?
... write a sentence in the spec to describe attributes for this?
<Zakim> arunranga, you wanted to make a suggestion
arunranga: Extractability has value
... service provider needs security
... propose JWK be a distint specification
... keep if out of WebCrypto API
virginie: Jim suggest an alternate approach
rsleevi: Jim proposal similar to one I made earlier
... usage of SE, Smart card, painting ourselves into a corner
... ryan "Can you paste those into the irc?"
... Set of undefined attributes
... key format describes attributes
<rsleevi> Will mail those to the list, as discussed
jimsch: Don't believe that will be sufficient
... I know what happens for RSA and symettric key unwrap
... but other key types are not well understood
... Operations are divided
... into multiple operations
markw: Ryan suggestion is good
... allows us to move forward
... future updates can be made when needed
<arunranga> So I think rsleevi said what I was saying, but better
ryan: The description of the problem with multiple key usages is not clear
... only netflix has requested this; go for min solution
... until we get more complete use cases
virginie: We may have a consenus
<Zakim> rsleevi, you wanted to respond to jimsch
virginie: get ryan to generate a written proposal
... group to review
<wseltzer> MichaelH: use case for multiple keys on a single device
<wseltzer> ... home automation system
<wseltzer> ... see email: http://lists.w3.org/Archives/Public/public-webcrypto/2013Jul/0070.html
<wseltzer> ACTION, MichaelH to make proposal to amend API
<wseltzer> ACTION: MichaelH to make proposal to amend API [recorded in http://www.w3.org/2013/09/16-crypto-minutes.html#action01]
<trackbot> Error finding 'MichaelH'. You can review and register nicknames at <http://www.w3.org/2012/webcrypto/track/users>.
<wseltzer> ACTION: Michael Hutchinson to make proposal to amend API [recorded in http://www.w3.org/2013/09/16-crypto-minutes.html#action02]
<trackbot> 'Michael' is an ambiguous username. Please try a different identifier, such as family name or username (e.g., MHutchinson, mjones7).
<arunranga> +1 Viriginie
<wseltzer> ACTION: MHutchinson to make proposal to amend API [recorded in http://www.w3.org/2013/09/16-crypto-minutes.html#action03]
<trackbot> Created ACTION-114 - Make proposal to amend api [on Michael Hutchinson - due 2013-09-23].
virginie: Please register
<wseltzer> [TPAC 2013: http://www.w3.org/2013/11/TPAC/ ]
@wseltzer <http://www.w3.org/2012/webcrypto/track/users>.DOCUMENT NOT FOUND
<wseltzer> [early-bird registration until 18 Oct; get your visa invitation letters if necessary ]
scribe: Any topic please mention it early!
<rsleevi> +1 to attending to TPAC
<jimsch> +0 Status is currently unknown
<rsleevi> I said I'm attending
scribe: Just try and stop him!
... Visa could be an issue
scribe: so get your request in early
Next call in 2 weeks
Web Certificate API
<hhalpin_> If you submit your registration and email Beihang for a visa letter, you will get I believe by Sept 30th.
<hhalpin_> Also, note next call Dan Boneh wants some time for his review of the API.
scribe: MichaelH please get proposal in so we can review that
@wseltzer close scibe?
<wseltzer> trackbot, end teleconf