See also: IRC log
<trackbot> Date: 18 August 2014
<harry> wseltzer, just checking in
<harry> should be fine, the dial-in will still work
<harry> trackbot, start meeting
<trackbot> Meeting: Web Cryptography Working Group Teleconference
<trackbot> Date: 18 August 2014
<scribe> scribenick: wseltzer
Trevor: I'm a crypto consultant,
working with a bunch of different projects
... many from end-to-end security for person-to-person
communications
... many want browser clients
... and to modernize. 25519 is what they're looking at.
Virginie: We're interested in
your draft, maintenance, ideas for development
... WG is not yet aligned on which curve(s) to add, and
how
... Agendum for this informal call is Q&A
... perhaps you can present your draft
<harry> and thanks for stepping up Trevor and editing the draft!
<rbarnes> has this draft been posted somewhere?
Trevor: Context: lots of
person-to-person projects interested in browser
extensions
... PGP community, GPG, multi-party OTR
... cryptocat, miniLock
... enscripten, twitNaCL
... speed, code correctness are concerns
... side channels are a bit of a concern
... that's why they;d like direct access, rather than writing
in JS
... Approach, add another algorithm to WebCrypto
... specific to this curve
... differently specified by DJB from ANSI
... users want EC-25519
... you could imagine ECDH-NIST, ECDH-NUMS, etc.
... so that's what I did.
... Main difference is key import format.
selfissued: clarification, JOSE
is open to new representation when there are new curves using
them
... IETF uses registry, so W3C spec can register a key type and
use it
Trevor: do we need IANA assignment for registry?
<harry> Trevor's drat is here:
<rbarnes> harry: thanks
selfissued: It won't happen until JOSE is finalized
<harry> The registry question is a long one that is the source of controversy :)
<harry> ... however, get meeting you at HOPE and thanks for stepping up! I appreciate it.
rbarnes: Thanks Trevor
... because of the way DJB specified 25519, it's more like a
new algo than like parameters for an existing algo
... lots of webcrypto is about exposing crypto libraries to
js
... but most libraries don't currently support 25519
... which would delay implementation
Virginie: anything you can share about implementations?
rbarnes: heated debate in
IETF
... do you have the sense that your communities are interested
in 25519 specifically, or non-NIST more generically?
Trevor: 25519 has been around,
it's well specified, it's fast, so it has mindshare.
... those who have committed likely want to stick with it.
rbarnes: Whatever is chosen for TLS will be implemented in browser libraries
Trevor: so easiest if IETF chooses 25519
Virginie: we're also working on
extensibility
... What would be needed in main spec to facilitate
addition
... Did you find problems?
<rbarnes> +1 to using this as a test case for extensibility
Trevor: Pretty
straightforward
... does the WG like this strategy?
<rbarnes> is bal on the call/
<rbarnes> ?
selfissued: When might you have a complete first draft to review?
Trevor: depends what changes
people want
... if people like this approach, we could do ED-25519 as
well
rbarnes: if we're going to do
this, we'd probably also want ED-25519
... but as far as WG process, I'm inclined to hold off for IETF
CFRG
selfissued: as a WG member, I
would like to see as complete a write-up how to use with
WebCrypto
... including key import and export, for which you need
JWK
... and to see if core spec has necessary extension points
Virginie: we don't want to ask Trevor to do unnecssary work
rbarnes: I'm proposing hold until
November, since then we'll either know CFRG choice or that it
can't make a choice
... You probably should define a format for Curve 25519 JWK
Trevor: I should add JWK, so it's a complete rough draft
Virginie: that would be
great
... Also consider mode for contribution: IE or non-member
contribution
... Thanks, Trevor
trackbot, end teleconf
<scribe> Meeting: WebCrypto WG informal meeting with Trevor Perrin
This is scribe.perl Revision: 1.138 of Date: 2013-04-25 13:59:11 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/@@/miniLock/ Succeeded: s/input/import/ Succeeded: s/Trevor:// Found ScribeNick: wseltzer Inferring Scribes: wseltzer Default Present: JYates, +1.510.508.aaaa, Wendy, Virginie, karen_oDonoghue, Trevor_Perrin, rbarnes, markw, selfissued, Israel Present: JYates +1.510.508.aaaa Wendy Virginie karen_oDonoghue Trevor_Perrin rbarnes markw selfissued Israel Regrets: BAL rsleevi Found Date: 18 Aug 2014 Guessing minutes URL: http://www.w3.org/2014/08/18-crypto-minutes.html People with action items:[End of scribe.perl diagnostic output]