baseKey argument to createKeyDeriver

We've been having a few discussions about this here at the office.

Why is baseKey singled out amongst the various inputs to a key derivation operation to be specified as a function parameter, vs. being specified in the algorithm parameters? It seems in all examples something more than the baseKey is needed:

ECDH needs the curve and peer's public value (as well as the private key from the first phase) (The curve is missing right now).

Diffie-Hellman needs the prime, generator, and peer's public value (as well as the private key from the first phase) (The prime and generator are missing right now).

PBKDF2 needs salt, iterations, prf and password (currently all of these are specified in the AlgorithmParameters, so there is nothing to go in the baseKey, but baseKey is not an optional parameter.)

Concat would need iterations and possibly other things.

Even if we separate the inputs into algorithm and operation parameters (as per ISSUE-12 [1]), the operation parameters are not necessarily just a Key object.

What was the intention?

…Mark

[1] http://www.w3.org/2012/webcrypto/track/issues/12

Received on Thursday, 25 October 2012 19:21:00 UTC