On 06/27/2014 07:37 AM, Nathan Kinder wrote: > On 06/27/2014 12:13 AM, Frederik Braun wrote: >> To be frank, I have only ever seen the non-standard crypto functions >> used in attacks, rather than in purposeful use. > > That doesn't mean that aren't being purposefully used. The current > crypto functions are used pretty heavily by Dogtag Certificate System > [1], and this has been the case for many years. > > I believe that one of the big things lacking in WebCrypto is a suitable > replcement for generateCRMFRequest(), which allows for key escrow. I'm > not certain if an addon will be able to replace this functionality.
Looking at the working draft of the spec[0], there are functions to generate, export, and wrap keys, so it looks like webcrypto can be used to implement key escrow (unless I'm misunderstanding the term). Again, though, addons can pretty much do anything, so if webcrypto isn't up to the task, an addon should be able to fill the gap. [0] http://www.w3.org/TR/WebCryptoAPI/ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
