20:02:32 <RRSAgent> RRSAgent has joined #crypto
20:02:32 <RRSAgent> logging to http://www.w3.org/2015/09/14-crypto-irc
20:02:34 <trackbot> RRSAgent, make logs public
20:02:34 <Zakim> Zakim has joined #crypto
20:02:36 <trackbot> Zakim, this will be CRYPT
20:02:36 <Zakim> I do not see a conference matching that name scheduled within the next hour, trackbot
20:02:37 <trackbot> Meeting: Web Cryptography Working Group Teleconference
20:02:37 <trackbot> Date: 14 September 2015
20:03:46 <wseltzer> present+ wseltzer
20:04:20 <wseltzer> present+ viriginie
20:04:25 <wseltzer> present+ jyates
20:04:32 <markw> present+ markw
20:04:33 <virginie> agenda+ Members and activity status
20:04:37 <kodonog> present+ kodonog
20:04:50 <virginie> agenda+ Test cases status
20:05:09 <virginie> agenda+ Discussion about existing implementation (overlap and discrepancies)
20:05:43 <hhalpin> present+
20:05:49 <virginie> agenda+ WG charter extension proposal
20:06:10 <virginie> agenda+ Revision of the roadmap
20:06:16 <virginie> agenda+ AOB
20:06:19 <virginie> agenda?
20:06:31 <wseltzer> present+ Charles_Engelke
20:06:40 <wseltzer> present+ Colin
20:07:47 <wseltzer> present+ rsleevi
20:07:55 <rsleevi> rsleevi has joined #crypto
20:08:18 <wseltzer> scribe?
20:08:49 <wseltzer> scribenick: wseltzer
20:08:54 <markw> \me wseltzer, yes, I am
20:09:09 <wseltzer> virginie: Welcome back
20:09:16 <wseltzer> ... Harry has been working on tests
20:09:40 <wseltzer> ... For this call, progress on testing, some results to report
20:09:42 <virginie> agenda?
20:10:10 <wseltzer> ... also charter extension, since current charter ends at end of Sept, so suggest 6mo extension
20:10:15 <wseltzer> ... to finalize tests and get to Rec
20:10:33 <wseltzer> ... Any other business?
20:10:56 <wseltzer> zakim, take up agendum 1
20:10:56 <Zakim> agendum 1. "Members and activity status" taken up [from virginie]
20:11:12 <wseltzer> virginie: Anyone want to discuss implementation?
20:11:15 <hhalpin> Basically, I'd like to know if anyone plans to change anything in their next browser version
20:11:36 <hhalpin> I'm happy to email Microsoft and Mozilla.
20:11:47 <wseltzer> rsleevi: no updates since last call
20:11:56 <wseltzer> ... we've put in the algos we intend to
20:12:12 <wseltzer> ... looking at 25519, in IETF
20:12:20 <wseltzer> ... also how to do deterministic signatures on 25519
20:12:28 <wseltzer> ... status on chromium.org
20:13:04 <wseltzer> hhalpin: test case
20:13:34 <wseltzer> ... Google led the way; MS implementation now works interoperably
20:13:42 <virginie> FYI, harry sent a snapshot here : https://lists.w3.org/Archives/Public/public-webcrypto/2015Sep/0008.html
20:14:03 <wseltzer> rsleevi: there's nothing we haven't yet implemented that we plan to implement
20:14:14 <wseltzer> ... 25519 still being specified
20:14:28 <wseltzer> ... some differences platform-to-platform, see chromium.org
20:14:37 <wseltzer> ... nothing is still in-progress
20:14:59 <wseltzer> hhalpin: I suggested algos for browser profile based on Mac/Linux/Windows
20:15:00 <hhalpin> Then there's some algorithms with no implementations: RSA-PSS, AES-CMAC, AES-CFB, CONCAT, HKDF-CTR
20:15:07 <wseltzer> ... some algos have no implementation
20:15:09 <hhalpin> Should we remove?
20:15:10 <wseltzer> ... Should we remove them?
20:15:12 <rsleevi> Not really all that close. e.g. the lack of ECC on Linux when using an NSS w/o ECC (RHEL & friends)
20:15:27 <virginie> question to rsleevi : is this page the one you are referencing for chromium ? https://www.chromium.org/blink/webcrypto
20:15:31 <rsleevi> That's not correct statement harry
20:15:42 <rsleevi> Chrome implements RSA-PSS, HKDF-CTR (in the modified form)
20:16:26 <wseltzer> rsleevi: there was a github version that had a bug
20:16:33 <hhalpin> ACTION: Fix RSA-PSS
20:16:33 <trackbot> Error finding 'Fix'. You can review and register nicknames at <http://www.w3.org/2012/webcrypto/track/users>.
20:16:47 <wseltzer> ... there's an open bug that what's in the spec is unimplementable
20:17:11 <rsleevi> Not sure what you mean by "FIx RSA-PSS"
20:17:15 <rsleevi> the issue was in HKDF-CTR
20:17:20 <wseltzer> hhalpin: it would be great to fix that
20:17:34 <rsleevi> https://diafygi.github.io/webcrypto-examples/
20:17:39 <wseltzer> hhalpin: reviewing https://lists.w3.org/Archives/Public/public-webcrypto/2015Sep/0008.html
20:17:56 <wseltzer> ... Do we keep those algos that have 2 implementations, or those implemented everywhere?
20:18:16 <wseltzer> ... at least 2 proves interop; devs might like what's implemented everywhere
20:19:12 <wseltzer> virginie: it's more reasonable to keep algos that are implemented broadly; 2 is a minimum, even better to get broader implementation
20:19:22 <rsleevi> Even within the algorithm space, there's a number of differences
20:19:34 <rsleevi> e.g. Safari does not implement the DER-encoded forms (SPKI, PKCS#8)
20:19:40 <rsleevi> Chrome does not implement the AES-192 families
20:19:44 <wseltzer> hhalpin: if we don't expect implementers to change, then suggest making browser profile based on what's already been implemented everywhere
20:19:53 <rsleevi> Curve P-521 may be removed
20:20:09 <wseltzer> ... Q to WG: should browser profile be 2 implementations, or all browsers?
20:20:26 <rsleevi> Even Chrome's implementation of SPKI/PKCS#8 are not spec compliant w/ respect to validation, error handling, or strict export. Real interoperability concerns there.
20:20:29 <wseltzer> virginie: question to those implementors not on the call, are there other algos that you intend to implement?
20:20:35 <rsleevi> (We're more liberal than required by the spec)
20:20:46 <wseltzer> hhalpin: we can't exit CR until we specify a browser profile
20:21:02 <wseltzer> ... so I'm asking editors what they want to include
20:21:27 <hhalpin> The question is does the 'browser profile' cover algorithms that currently have interop between *all browsers*, 3, or 2?
20:21:27 <wseltzer> rsleevi: The spec should reflect reality
20:21:49 <wseltzer> ... we want to understand why there are 2 but not more implementers -- plans, or schedule
20:21:51 <hhalpin> q+
20:22:17 <engelke> q+
20:22:18 <wseltzer> ... I described in irc a number of ways that implementations can vary
20:22:23 <wseltzer> ... we need implementer feedback
20:22:33 <wseltzer> ack next
20:22:51 <wseltzer> hhalpin: to editors, woudl you support dropping from the spec algos with no or 1 implementation?
20:22:56 <wseltzer> rsleevi: absolutely
20:23:11 <virginie> +1 to that proposal, harry, dropping less then 2 implementations
20:23:13 <wseltzer> hhalpin: a few cases that only Mozilla implements
20:23:21 <wseltzer> ... would you want to drop those?
20:23:35 <wseltzer> rsleevi: for the things we haven't implemented, we don't plan to implement.
20:23:53 <wseltzer> ... I'd be curious to hear from the group at-large about use cases, including non-browser
20:24:21 <hhalpin> q+
20:24:45 <wseltzer> ... algos where no one plans to implement don't do anyone a service in the spec
20:24:57 <wseltzer> markw: flag 1 or fewer implementation as to-be-removed (at-risk)
20:25:10 <wseltzer> ... so implementers can report plans to implement
20:25:20 <wseltzer> ... but we need 2 interop implementations to move forward
20:25:37 <wseltzer> ... can keep them around someplace, document history
20:25:42 <wseltzer> ack engelke
20:25:55 <wseltzer> engelke: as a developer, I'm neutral on how much is added
20:26:07 <wseltzer> ... would like profiles to have lower bound of commonality
20:26:23 <wseltzer> ... so 2 users on different browsers can community
20:26:28 <wseltzer> s/community/communicate/
20:26:41 <wseltzer> virginie: Direction to have two implementations of each algo
20:26:41 <rsleevi> Speaking with the "I have to deal with crypto lawyers" hat on, I don't know we can *guarantee* that :) The best is 'best effort' and recognizing configuration and laws conspire against us
20:27:28 <hhalpin> I believe the 'browser profile' was agreed to informative rather than normative
20:27:49 <wseltzer> rsleevi: it's crypto, so we can't guarantee that every browser will be able to talk, everywhere
20:27:50 <hhalpin> Just a quick clue to end-users that 'at the date of this spec, all these browsers implemented these algorithms'
20:28:09 <virginie> to hhalpin, okay
20:28:16 <wseltzer> ... conceptually similar to the gamepad API doesn't work if you don't have a gamepad
20:28:29 <wseltzer> hhalpin: we should try to get MS and Moz into a meeting
20:28:50 <virginie> action to hhalpin and virginie to have mozilla and microsoft opinion or presence for the next call
20:28:50 <trackbot> Error finding 'to'. You can review and register nicknames at <http://www.w3.org/2012/webcrypto/track/users>.
20:28:57 <wseltzer> ... saying we will remove these algos with only one implemenation, unless you have plans to implement
20:29:05 <wseltzer> virginie: sure
20:29:18 <wseltzer> ... Ryan, could you update list Harry sent?
20:29:25 <wseltzer> ... regarding implementation status
20:29:26 <hhalpin> We should probably move that list into github
20:29:33 <rsleevi> https://diafygi.github.io/webcrypto-examples/
20:29:45 <wseltzer> rsleevi: that github link, now fixed
20:29:49 <virginie> agenda?
20:30:20 <wseltzer> ... is a representative sample of tested from a mac
20:30:46 <wseltzer> virginie: Harry, where are you on testing?
20:31:08 <wseltzer> hhalpin: still working on it for the CR report
20:31:16 <wseltzer> ... I'll put a sample CR report in github
20:31:31 <wseltzer> ... invite pull requests
20:31:58 <wseltzer> hhalpin: 2 weeks to put CR report together
20:32:16 <wseltzer> ... review at next meeting, then review spec and delete unused algorithms
20:32:24 <wseltzer> ... and then ready to move forward
20:32:32 <wseltzer> virginie: Meet again 28 September?
20:33:02 <hhalpin> The main issue would be to get rbarnes and israel here, but I'll ping them.
20:33:08 <wseltzer> RESOLVED: meet 28 September
20:33:23 <wseltzer> virginie: try to get Mozilla and Microsoft to the next call
20:33:40 <wseltzer> zakim, take up agendum 4
20:33:40 <Zakim> agendum 4. "WG charter extension proposal" taken up [from virginie]
20:34:09 <wseltzer> virginie: W3C doesn't want groups to publish when out of charter
20:34:19 <wseltzer> ... propose to extend charter, unchanged, for 6 months
20:34:29 <wseltzer> ... no change of scope, just move out the milestones
20:34:30 <rsleevi> +1 to charter extension
20:34:38 <wseltzer> ... if you agree with extension, +1
20:34:46 <engelke> +1
20:34:49 <virginie> +1 for charter extension by 6 months
20:34:52 <markw> +1
20:35:11 <wseltzer> RESOLVED: Group supports charter extension request
20:35:22 <virginie> agenda?
20:35:52 <wseltzer> virginie: Revision of roadmap, Harry suggests we can finish by end of year
20:36:08 <hhalpin> +1
20:36:29 <wseltzer> virginie: another thing still on the plan is to transform key discovery to note
20:36:40 <wseltzer> ... I'll send a formal proposal
20:36:46 <wseltzer> markw: sounds good
20:37:00 <wseltzer> virginie: any other questions?
20:37:31 <rsleevi> Regrets, I won't be able to make the next call.
20:38:29 <wseltzer> virginie: ok to keep in touch by email?
20:38:44 <wseltzer> rsleevi: I'll review the minutes and email
20:39:16 <wseltzer> [adjourned]
20:39:21 <wseltzer> trackbot, end meeting
20:39:21 <trackbot> Zakim, list attendees
20:39:21 <Zakim> As of this point the attendees have been wseltzer, viriginie, jyates, markw, kodonog, hhalpin, Charles_Engelke, Colin, rsleevi
20:39:29 <trackbot> RRSAgent, please draft minutes
20:39:29 <RRSAgent> I have made the request to generate http://www.w3.org/2015/09/14-crypto-minutes.html trackbot
20:39:30 <trackbot> RRSAgent, bye
20:39:30 <RRSAgent> I see 1 open action item saved in http://www.w3.org/2015/09/14-crypto-actions.rdf :
20:39:30 <RRSAgent> ACTION: Fix RSA-PSS [1]
20:39:30 <RRSAgent>   recorded in http://www.w3.org/2015/09/14-crypto-irc#T20-16-33
21:13:51 <RRSAgent> RRSAgent has joined #crypto
21:13:51 <RRSAgent> logging to http://www.w3.org/2015/09/14-crypto-irc
21:13:52 <wseltzer> rrsagent, make logs public
21:14:01 <wseltzer> rrsagent, make minutes
21:14:01 <RRSAgent> I have made the request to generate http://www.w3.org/2015/09/14-crypto-minutes.html wseltzer
21:15:09 <wseltzer> chair: Virginie_Galindo
21:15:12 <wseltzer> rrsagent, make minutes
21:15:12 <RRSAgent> I have made the request to generate http://www.w3.org/2015/09/14-crypto-minutes.html wseltzer
21:15:35 <wseltzer> s/\me wseltzer, yes, I am//
21:15:36 <wseltzer> rrsagent, make minutes
21:15:36 <RRSAgent> I have made the request to generate http://www.w3.org/2015/09/14-crypto-minutes.html wseltzer
21:21:11 <wseltzer> i/test case/Topic: Test cases status
21:21:25 <wseltzer> rrsagent, make minutes
21:21:25 <RRSAgent> I have made the request to generate http://www.w3.org/2015/09/14-crypto-minutes.html wseltzer