[Bug 25820] New: Should empty key usages be allowed when creating keys? from bugzilla@jessica.w3.org on 2014-05-20 (public-webcrypto@w3.org from May 2014)

From: <bugzilla@jessica.w3.org>
Date: Tue, 20 May 2014 00:21:44 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25820-7213@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25820

            Bug ID: 25820
           Summary: Should empty key usages be allowed when creating keys?
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: ericroman@google.com
                CC: public-webcrypto@w3.org

A key with no usages can be created by either passing [] during
importKey/unwrapKey/generateKey. Or by passing a non-empty key usages array to
generateKey() for an asymmetric algorithm (since the usages are intersected
with those allowed by the publickey/privatekey).

Does it make sense to have keys without usages, or should these be treated as
errors and raise an exception?

A key without usages could still potentially be used with
exportKey()/wrapKey(), but not much else.

Feel free to close this with working as intended, just want to verify the
current behavior.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Tuesday, 20 May 2014 00:21:45 UTC