I don't know if you're at the bikeshedding stage of this API's
development -- if not, please ignore me and I'll come back later. :)
****
> interface CryptoHmac {
Why isn't this CryptoMac? Surely the fact that it's an hmac is an
implementation detail.
****
It's pretty weird to me that you get a CryptoHmac and a CryptoHash via
a constructor, but you get pk/sign via window.crypto. I'd prefer
window.crypto.getHash(), window.crypto.getMac(), or something.
****
Why is it that I get to stream data to the hash / mac provider, but I
have to provide all my data upfront in order to encrypt / sign? I'd
prefer if, for all four cases, we had the option to stream and give
all the data upfront.
****
Can we have a default algorithm for hash / mac like we have a default
pk / sign? I totally buy the virtue of giving people a choice of
algorithm, but otoh it's also nice to be able to say "hash this for
me" without worrying about which algorithm(s) the browser supports.
-Justin
On Fri, Apr 20, 2012 at 6:10 AM, David Dahl <dd...@mozilla.com> wrote:
> [Forgot to reply all]
>
> ----- Forwarded Message -----
> From: "David Dahl" <dd...@mozilla.com>
> To: "Ehsan Akhgari" <ehsan.akhg...@gmail.com>
> Sent: Thursday, April 19, 2012 3:09:45 PM
> Subject: Re: Feedback on DOMCryptInternalAPI
>
> Ehsan:
>
> This API will not interact with PB mode, except that it will need to store
> keys either in the NSS db or elsewhere. Of course now that I think about it
> more we can just set a flag saying to store keys persistently or not. I think
> the wording in the feature page needs some work, sorry for the confusion.
>
> David
>
> ----- Original Message -----
> From: "Ehsan Akhgari" <ehsan.akhg...@gmail.com>
> To: "David Dahl" <dd...@mozilla.com>
> Cc: "dev-platform" <dev-platf...@lists.mozilla.org>, "mozilla's crypto code
> discussion list" <dev-tech-crypto@lists.mozilla.org>
> Sent: Thursday, April 19, 2012 12:43:24 PM
> Subject: Re: Feedback on DOMCryptInternalAPI
>
> Hi David,
>
> What is your concern here with regard to the private browsing mode? It's
> not immediately obvious to me why and how this API should interact with the
> PB mode.
>
> Thanks!
> --
> Ehsan
> <http://ehsanakhgari.org/>
>
>
> On Thu, Apr 19, 2012 at 11:09 AM, David Dahl <dd...@mozilla.com> wrote:
>
>> Hello All:
>>
>> [I have cross posted this message to dev-platform and dev-tech-crypto,
>> perhaps we should discuss this on dev-platform as it has a larger
>> subscriber base?].
>>
>> I am just putting together a draft feature page for an internal API needed
>> by the eventual DOM bindings for DOMCrypt (see:
>> https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest and
>> http://www.w3.org/2012/webcrypto/ ). I would like for this API to not
>> only support the eventual Web Crypto API, but also to allow extension
>> developers to have a useful, high-level API to work with. This seems to be
>> quite in demand based on the number of companies and developers who have
>> contacted me about hacking on my fork of WeaveCrypto ( in the DOMCrypt
>> Extension https://addons.mozilla.org/en-US/firefox/addon/domcrypt/ .)
>>
>> Mozilla developers will also be able to take advantage of this internal
>> API to more easily create browser features and/or extensions in the
>> security and privacy space. I would also like to produce a Jetpack wrapper.
>>
>> The existing spec for DOMCrypt will no doubt change very soon as the Web
>> Crypto Working Group is ramping up and based on discussions with bent and
>> khuey, we need to move to an event-driven interface. The Internal API
>> described on this feature page:
>> https://wiki.mozilla.org/DOMCryptInternalAPI should be able to handle
>> that, however, some wider discussion and feedback will really be
>> appreciated, especially with all of the changes in line for our DOM
>> bindings. The initial work for this internal API is in bug 649154.
>>
>> Regards,
>>
>> David
>> _______________________________________________
>> dev-platform mailing list
>> dev-platf...@lists.mozilla.org
>> https://lists.mozilla.org/listinfo/dev-platform
>>
> _______________________________________________
> dev-platform mailing list
> dev-platf...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
