[Bug 27473] New: Explicit salts for the algorithm formerly known as HKDF from bugzilla@jessica.w3.org on 2014-11-30 (public-webcrypto@w3.org from November 2014)

From: <bugzilla@jessica.w3.org>
Date: Sun, 30 Nov 2014 21:31:57 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-27473-7213@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=27473

            Bug ID: 27473
           Summary: Explicit salts for the algorithm formerly known as
                    HKDF
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: hhalpin@w3.org
                CC: public-webcrypto@w3.org

Pre-CR, I've just removed this Editorial Note. I assume we should address this
during CR when we'll know if explicit salts are supported in terms of interop.

---

Editorial note

The definition of HKDF allows the caller to supply an optional pseudorandom
salt value, which is used as the key during the extract phase. If this value is
not supplied, an all zero string is used instead. However, support for an
explicit salt value is not widely implemented in existing APIs, nor is it
required by existing usages of HKDF. Should this be an optional parameter, and
if so, what should the behavior be of a user agent that does not support
explicit salt values (is it conforming or non-conforming?)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Sunday, 30 November 2014 21:31:59 UTC