Re: crypto-ISSUE-12: Should the API distinguish between algorithm and operation parameters? [Web Cryptography API] from Ryan Sleevi on 2012-08-06 (public-webcrypto@w3.org from August 2012)

From: Ryan Sleevi <sleevi@google.com>
Date: Sun, 5 Aug 2012 19:18:50 -0700
To: Web Cryptography Working Group <public-webcrypto@w3.org>
Cc: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
Message-ID: <CACvaWvaMfDSa4nak1KQTNmAngGx+FUkD1KypKrCJJUtpbtVJhw@mail.gmail.com>

On Sun, Aug 5, 2012 at 7:08 PM, Web Cryptography Working Group Issue
Tracker <sysbot+tracker@w3.org> wrote:
>
> crypto-ISSUE-12: Should the API distinguish between algorithm and
> operation parameters? [Web Cryptography API]
>
> http://www.w3.org/2012/webcrypto/track/issues/12
>
> Raised by: Ryan Sleevi
> On product: Web Cryptography API
>
> During the July Face-to-Face, concern was raised about the fact that, as
> currently specified in the 1.10 draft, the AlgorithmParams does not make a
> distinction between algorithm-specific parameters and operation-specific
> parameters.
>
> An example of this is seen by examining the AES-CTR definition. The
> initial value of the counter ('counter') is something that is
> operation-specific, whereas the length of the counter ('length') is seen to
> be algorithm-specific. For a given protocol that uses AES-CTR, the counter
> length is expected to remain constant for all operations, while the actual
> value of the counter is expected to change (such as from message to message)
>
> Similarly, for RSA-OAEP, the hash ('hash') and mask generation function
> ('mgf') may be constant for multiple operations, whereas the authenticated
> data ('label') may change from operation to operation.
>
> The question was raised as to whether the methods on the Crypto interface
> should take a separate dictionary of parameters.
>
>
>

Vijay,

You raised this issue during the Face-to-Face on the 24th [1], so I
was hoping you could explain this more.

It's not clear to me what the specific value is for splitting these
out. As currently spec'd, AlgorithmParams contains all of the inputs
for a given algorithm/operation combination in a single dictionary.

My hesitation towards separating out the dictionary is that it would
mean that, in general, an algorithm would need to keep track of
dictionaries for:
- Algorithm parameters
- Operation parameters
- Key generation parameters

Is there a use-case you see for adding this?

[1] http://www.w3.org/2012/07/24-crypto-minutes.html , "vgb: As
refered in email,"

Received on Monday, 6 August 2012 02:19:18 UTC