IRC log of crypto on 2015-09-14

Timestamps are in UTC.

20:02:32 [RRSAgent]
RRSAgent has joined #crypto
20:02:32 [RRSAgent]
logging to
20:02:34 [trackbot]
RRSAgent, make logs public
20:02:34 [Zakim]
Zakim has joined #crypto
20:02:36 [trackbot]
Zakim, this will be CRYPT
20:02:36 [Zakim]
I do not see a conference matching that name scheduled within the next hour, trackbot
20:02:37 [trackbot]
Meeting: Web Cryptography Working Group Teleconference
20:02:37 [trackbot]
Date: 14 September 2015
20:03:46 [wseltzer]
present+ wseltzer
20:04:20 [wseltzer]
present+ viriginie
20:04:25 [wseltzer]
present+ jyates
20:04:32 [markw]
present+ markw
20:04:33 [virginie]
agenda+ Members and activity status
20:04:37 [kodonog]
present+ kodonog
20:04:50 [virginie]
agenda+ Test cases status
20:05:09 [virginie]
agenda+ Discussion about existing implementation (overlap and discrepancies)
20:05:43 [hhalpin]
20:05:49 [virginie]
agenda+ WG charter extension proposal
20:06:10 [virginie]
agenda+ Revision of the roadmap
20:06:16 [virginie]
agenda+ AOB
20:06:19 [virginie]
20:06:31 [wseltzer]
present+ Charles_Engelke
20:06:40 [wseltzer]
present+ Colin
20:07:47 [wseltzer]
present+ rsleevi
20:07:55 [rsleevi]
rsleevi has joined #crypto
20:08:18 [wseltzer]
20:08:49 [wseltzer]
scribenick: wseltzer
20:08:54 [markw]
\me wseltzer, yes, I am
20:09:09 [wseltzer]
virginie: Welcome back
20:09:16 [wseltzer]
... Harry has been working on tests
20:09:40 [wseltzer]
... For this call, progress on testing, some results to report
20:09:42 [virginie]
20:10:10 [wseltzer]
... also charter extension, since current charter ends at end of Sept, so suggest 6mo extension
20:10:15 [wseltzer]
... to finalize tests and get to Rec
20:10:33 [wseltzer]
... Any other business?
20:10:56 [wseltzer]
zakim, take up agendum 1
20:10:56 [Zakim]
agendum 1. "Members and activity status" taken up [from virginie]
20:11:12 [wseltzer]
virginie: Anyone want to discuss implementation?
20:11:15 [hhalpin]
Basically, I'd like to know if anyone plans to change anything in their next browser version
20:11:36 [hhalpin]
I'm happy to email Microsoft and Mozilla.
20:11:47 [wseltzer]
rsleevi: no updates since last call
20:11:56 [wseltzer]
... we've put in the algos we intend to
20:12:12 [wseltzer]
... looking at 25519, in IETF
20:12:20 [wseltzer]
... also how to do deterministic signatures on 25519
20:12:28 [wseltzer]
... status on
20:13:04 [wseltzer]
hhalpin: test case
20:13:34 [wseltzer]
... Google led the way; MS implementation now works interoperably
20:13:42 [virginie]
FYI, harry sent a snapshot here :
20:14:03 [wseltzer]
rsleevi: there's nothing we haven't yet implemented that we plan to implement
20:14:14 [wseltzer]
... 25519 still being specified
20:14:28 [wseltzer]
... some differences platform-to-platform, see
20:14:37 [wseltzer]
... nothing is still in-progress
20:14:59 [wseltzer]
hhalpin: I suggested algos for browser profile based on Mac/Linux/Windows
20:15:00 [hhalpin]
Then there's some algorithms with no implementations: RSA-PSS, AES-CMAC, AES-CFB, CONCAT, HKDF-CTR
20:15:07 [wseltzer]
... some algos have no implementation
20:15:09 [hhalpin]
Should we remove?
20:15:10 [wseltzer]
... Should we remove them?
20:15:12 [rsleevi]
Not really all that close. e.g. the lack of ECC on Linux when using an NSS w/o ECC (RHEL & friends)
20:15:27 [virginie]
question to rsleevi : is this page the one you are referencing for chromium ?
20:15:31 [rsleevi]
That's not a correct statement, harry
20:15:42 [rsleevi]
Chrome implements RSA-PSS, HKDF-CTR (in the modified form)
20:16:26 [wseltzer]
rsleevi: there was a github version that had a bug
20:16:33 [hhalpin]
20:16:33 [trackbot]
Error finding 'Fix'. You can review and register nicknames at <>.
20:16:47 [wseltzer]
... there's an open bug that what's in the spec is unimplementable
20:17:11 [rsleevi]
Not sure what you mean by "FIx RSA-PSS"
20:17:15 [rsleevi]
the issue was in HKDF-CTR
20:17:20 [wseltzer]
hhalpin: it would be great to fix that
20:17:34 [rsleevi]
20:17:39 [wseltzer]
hhalpin: reviewing
20:17:56 [wseltzer]
... Do we keep those algos that have 2 implementations, or those implemented everywhere?
20:18:16 [wseltzer]
... at least 2 proves interop; devs might like what's implemented everywhere
20:19:12 [wseltzer]
virginie: it's more reasonable to keep algos that are implemented broadly; 2 is a minimum, even better to get broader implementation
20:19:22 [rsleevi]
Even within the algorithm space, there's a number of differences
20:19:34 [rsleevi]
e.g. Safari does not implement the DER-encoded forms (SPKI, PKCS#8)
20:19:40 [rsleevi]
Chrome does not implement the AES-192 families
20:19:44 [wseltzer]
hhalpin: if we don't expect implementers to change, then suggest making browser profile based on what's already been implemented everywhere
20:19:53 [rsleevi]
Curve P-521 may be removed
20:20:09 [wseltzer]
... Q to WG: should browser profile be 2 implementations, or all browsers?
20:20:26 [rsleevi]
Even Chrome's implementation of SPKI/PKCS#8 are not spec compliant w/ respect to validation, error handling, or strict export. Real interoperability concerns there.
20:20:29 [wseltzer]
virginie: question to those implementors not on the call, are there other algos that you intend to implement?
20:20:35 [rsleevi]
(We're more liberal than required by the spec)
20:20:46 [wseltzer]
hhalpin: we can't exit CR until we specify a browser profile
20:21:02 [wseltzer]
... so I'm asking editors what they want to include
20:21:27 [hhalpin]
The question is does the 'browser profile' cover algorithms that currently have interop between *all browsers*, 3, or 2?
20:21:27 [wseltzer]
rsleevi: The spec should reflect reality
20:21:49 [wseltzer]
... we want to understand why there are 2 but not more implementers -- plans, or schedule
20:21:51 [hhalpin]
20:22:17 [engelke]
20:22:18 [wseltzer]
... I described in irc a number of ways that implementations can vary
20:22:23 [wseltzer]
... we need implementer feedback
20:22:33 [wseltzer]
ack next
20:22:51 [wseltzer]
hhalpin: to editors, would you support dropping from the spec algos with no or 1 implementation?
20:22:56 [wseltzer]
rsleevi: absolutely
20:23:11 [virginie]
+1 to that proposal, harry, dropping less than 2 implementations
20:23:13 [wseltzer]
hhalpin: a few cases that only Mozilla implements
20:23:21 [wseltzer]
... would you want to drop those?
20:23:35 [wseltzer]
rsleevi: for the things we haven't implemented, we don't plan to implement.
20:23:53 [wseltzer]
... I'd be curious to hear from the group at-large about use cases, including non-browser
20:24:21 [hhalpin]
20:24:45 [wseltzer]
... algos where no one plans to implement don't do anyone a service in the spec
20:24:57 [wseltzer]
markw: flag 1 or fewer implementation as to-be-removed (at-risk)
20:25:10 [wseltzer]
... so implementers can report plans to implement
20:25:20 [wseltzer]
... but we need 2 interop implementations to move forward
20:25:37 [wseltzer]
... can keep them around someplace, document history
20:25:42 [wseltzer]
ack engelke
20:25:55 [wseltzer]
engelke: as a developer, I'm neutral on how much is added
20:26:07 [wseltzer]
... would like profiles to have lower bound of commonality
20:26:23 [wseltzer]
... so 2 users on different browsers can communicate
20:26:28 [wseltzer]
20:26:41 [wseltzer]
virginie: Direction to have two implementations of each algo
20:26:41 [rsleevi]
Speaking with the "I have to deal with crypto lawyers" hat on, I don't know we can *guarantee* that :) The best is 'best effort' and recognizing configuration and laws conspire against us
20:27:28 [hhalpin]
I believe the 'browser profile' was agreed to be informative rather than normative
20:27:49 [wseltzer]
rsleevi: it's crypto, so we can't guarantee that every browser will be able to talk, everywhere
20:27:50 [hhalpin]
Just a quick clue to end-users that 'at the date of this spec, all these browsers implemented these algorithms'
20:28:09 [virginie]
to hhalpin, okay
20:28:16 [wseltzer]
... conceptually similar to the gamepad API doesn't work if you don't have a gamepad
20:28:29 [wseltzer]
hhalpin: we should try to get MS and Moz into a meeting
20:28:50 [virginie]
action to hhalpin and virginie to have mozilla and microsoft opinion or presence for the next call
20:28:50 [trackbot]
Error finding 'to'. You can review and register nicknames at <>.
20:28:57 [wseltzer]
... saying we will remove these algos with only one implementation, unless you have plans to implement
20:29:05 [wseltzer]
virginie: sure
20:29:18 [wseltzer]
... Ryan, could you update list Harry sent?
20:29:25 [wseltzer]
... regarding implementation status
20:29:26 [hhalpin]
We should probably move that list into github
20:29:33 [rsleevi]
20:29:45 [wseltzer]
rsleevi: that github link, now fixed
20:29:49 [virginie]
20:30:20 [wseltzer]
... is a representative sample of tested from a mac
20:30:46 [wseltzer]
virginie: Harry, where are you on testing?
20:31:08 [wseltzer]
hhalpin: still working on it for the CR report
20:31:16 [wseltzer]
... I'll put a sample CR report in github
20:31:31 [wseltzer]
... invite pull requests
20:31:58 [wseltzer]
hhalpin: 2 weeks to put CR report together
20:32:16 [wseltzer]
... review at next meeting, then review spec and delete unused algorithms
20:32:24 [wseltzer]
... and then ready to move forward
20:32:32 [wseltzer]
virginie: Meet again 28 September?
20:33:02 [hhalpin]
The main issue would be to get rbarnes and israel here, but I'll ping them.
20:33:08 [wseltzer]
RESOLVED: meet 28 September
20:33:23 [wseltzer]
virginie: try to get Mozilla and Microsoft to the next call
20:33:40 [wseltzer]
zakim, take up agendum 4
20:33:40 [Zakim]
agendum 4. "WG charter extension proposal" taken up [from virginie]
20:34:09 [wseltzer]
virginie: W3C doesn't want groups to publish when out of charter
20:34:19 [wseltzer]
... propose to extend charter, unchanged, for 6 months
20:34:29 [wseltzer]
... no change of scope, just move out the milestones
20:34:30 [rsleevi]
+1 to charter extension
20:34:38 [wseltzer]
... if you agree with extension, +1
20:34:46 [engelke]
20:34:49 [virginie]
+1 for charter extension by 6 months
20:34:52 [markw]
20:35:11 [wseltzer]
RESOLVED: Group supports charter extension request
20:35:22 [virginie]
20:35:52 [wseltzer]
virginie: Revision of roadmap, Harry suggests we can finish by end of year
20:36:08 [hhalpin]
20:36:29 [wseltzer]
virginie: another thing still on the plan is to transform key discovery to note
20:36:40 [wseltzer]
... I'll send a formal proposal
20:36:46 [wseltzer]
markw: sounds good
20:37:00 [wseltzer]
virginie: any other questions?
20:37:31 [rsleevi]
Regrets, I won't be able to make the next call.
20:38:29 [wseltzer]
virginie: ok to keep in touch by email?
20:38:44 [wseltzer]
rsleevi: I'll review the minutes and email
20:39:16 [wseltzer]
20:39:21 [wseltzer]
trackbot, end meeting
20:39:21 [trackbot]
Zakim, list attendees
20:39:21 [Zakim]
As of this point the attendees have been wseltzer, viriginie, jyates, markw, kodonog, hhalpin, Charles_Engelke, Colin, rsleevi
20:39:29 [trackbot]
RRSAgent, please draft minutes
20:39:29 [RRSAgent]
I have made the request to generate trackbot
20:39:30 [trackbot]
RRSAgent, bye
20:39:30 [RRSAgent]
I see 1 open action item saved in :
20:39:30 [RRSAgent]
20:39:30 [RRSAgent]
recorded in
21:13:51 [RRSAgent]
RRSAgent has joined #crypto
21:13:51 [RRSAgent]
logging to
21:13:52 [wseltzer]
rrsagent, make logs public
21:14:01 [wseltzer]
rrsagent, make minutes
21:14:01 [RRSAgent]
I have made the request to generate wseltzer
21:15:09 [wseltzer]
chair: Virginie_Galindo
21:15:12 [wseltzer]
rrsagent, make minutes
21:15:12 [RRSAgent]
I have made the request to generate wseltzer
21:15:35 [wseltzer]
s/\me wseltzer, yes, I am//
21:15:36 [wseltzer]
rrsagent, make minutes
21:15:36 [RRSAgent]
I have made the request to generate wseltzer
21:21:11 [wseltzer]
i/test case/Topic: Test cases status
21:21:25 [wseltzer]
rrsagent, make minutes
21:21:25 [RRSAgent]
I have made the request to generate wseltzer