This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 24878 - Remove algorithm aliases
Summary: Remove algorithm aliases
Status: RESOLVED FIXED
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: All All
: P2 minor
Target Milestone: ---
Assignee: Ryan Sleevi
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-01 16:35 UTC by Richard Barnes
Modified: 2014-10-22 21:23 UTC (History)
3 users (show)

See Also:

Attachments

Description Richard Barnes 2014-03-01 16:35:32 UTC 
Is there a strong use case for algorithm aliases?  There are none defined in the spec, and the Chromium implementation just fails if you pass it a string.  (Polycrypt only accepts strings, but that's clearly wrong anyway.)   It would simplify the API if we could drop the DOMString alternative in AlgorithmIdentifier.
Comment 1 Alexey Proskuryakov 2014-03-04 00:30:34 UTC 
The spec used to say that passing "foo" is equivalent to passing {name: "foo"}. Was dropping this while adding the more general aliases mechanism just an editorial mistake?

I think that allowing crypto.subtle.digest('sha-1', myArray) in place of crypto.subtle.digest({name: 'sha-1'}, myArray) is desirable. There is no need to expose a silly looking API to people who just want to compute a hash, and don't care about the full complexity of CryptoAlgorithms being dictionaries.
Comment 2 Ryan Sleevi 2014-06-16 23:21:59 UTC 
https://dvcs.w3.org/hg/webcrypto-api/rev/71498804a64d addresses the case of "SHA-1" === { "name": "SHA-1" }

It has not, however, removed support for aliases. There are no aliases defined, so I'm happy nuking that part from the spec entirely.
Comment 3 Mark Watson 2014-09-22 17:40:04 UTC 
Alias support seems clear in the algorithm normalization. Suggest we leave the spec as is: resolve won't fix.
Comment 4 Richard Barnes 2014-09-22 21:05:59 UTC 
Do any implementations support aliases, or plan to?  (I, for one, do not.)  Do any applications want/need it?  If there's no customer for this feature, let's please take it out.
Comment 5 Mark Watson 2014-09-26 16:44:38 UTC 
There are no aliases defined, so I would not expect implementations to support any.

The question is whether we want the possibility for future algorithms to define aliases, or whether we want to introduce aliases for the existing algorithms.
Comment 6 Mark Watson 2014-10-07 14:44:45 UTC 
Shall we mark this as a feature-at-risk ?
Comment 7 Ryan Sleevi 2014-10-09 21:35:43 UTC 
(In reply to Richard Barnes from comment #4)
> Do any implementations support aliases, or plan to?  (I, for one, do not.) 
> Do any applications want/need it?  If there's no customer for this feature,
> let's please take it out.

Do you implement the spec-defined behaviour that allows "SHA-1" to be equivalent to { "name": "SHA-1" } ?

(In reply to Mark Watson from comment #6)
> Shall we mark this as a feature-at-risk ?

I'm fine with taking out aliases. It was syntactic sugar proposed early on for the JOSE case, but I don't think it's good, and it inherently couples UA implementations to JOSE implementations with respect to JWE/JWS, which we have so far (intentionally) avoided normatively requiring support for.

So I'm in favour of taking it out over feature at risk, but with the caveat of the "foo" -> { "name": "foo" } as sugar that we need to figure out whether to keep or also toss.
Comment 8 Richard Barnes 2014-10-09 21:48:11 UTC 
(In reply to Ryan Sleevi from comment #7)
> (In reply to Richard Barnes from comment #4)
> > Do any implementations support aliases, or plan to?  (I, for one, do not.) 
> > Do any applications want/need it?  If there's no customer for this feature,
> > let's please take it out.
> 
> Do you implement the spec-defined behaviour that allows "SHA-1" to be
> equivalent to { "name": "SHA-1" } ?

Yes:
http://dxr.mozilla.org/mozilla-central/source/dom/crypto/WebCryptoTask.cpp#121

And that seems like it covers the biggest "I don't want to write out the whole object" case.


> (In reply to Mark Watson from comment #6)
> > Shall we mark this as a feature-at-risk ?
> 
> I'm fine with taking out aliases. It was syntactic sugar proposed early on
> for the JOSE case, but I don't think it's good, and it inherently couples UA
> implementations to JOSE implementations with respect to JWE/JWS, which we
> have so far (intentionally) avoided normatively requiring support for.
> 
> So I'm in favour of taking it out over feature at risk, but with the caveat
> of the "foo" -> { "name": "foo" } as sugar that we need to figure out
> whether to keep or also toss.

+1 to taking it out, but keeping "foo" -> { "name": "foo" }
Comment 9 virginie.galindo 2014-10-14 08:51:55 UTC 
In order to progress towards exit to Last Call for the Web Crypto API, the chair suggests the following resolution for that bug. 

Resolution : Bug RESOLVED as WONTFIX. 

If none objects before the 20th of Oct @20:00 UTC, this resolution will be endorsed.
Comment 10 Richard Barnes 2014-10-17 18:35:34 UTC 
(In reply to virginie.galindo from comment #9)
> In order to progress towards exit to Last Call for the Web Crypto API, the
> chair suggests the following resolution for that bug. 
> 
> Resolution : Bug RESOLVED as WONTFIX. 

I'm pretty surprised by this, given that there seemed to be agreement that we should take out aliases, except for "name" -> { name: "name" }, which can be handled with much less machinery.

So I would oppose resolving as WONTFIX.
Comment 11 Mark Watson 2014-10-22 21:23:17 UTC 
List and conf call discussion concluded on removing support for Aliases:

https://dvcs.w3.org/hg/webcrypto-api/rev/a0373bd1637b