Time for IETF witch hunt? (was: NSA Co-Chairs of Crypto Forum Research Group, Legitimacy of WebCrypto API in Doubt)
Meredith L. Patterson
mlp at upstandinghackers.com
Sat Oct 25 12:11:59 PDT 2014
On Sat, Oct 25, 2014 at 05:48:01PM +0200, Lodewijk andré de la porte wrote:
> Standards should merely enable interoperability, thus create
> choice, and through that choice must come features, and the want for
> features will enforce those standards.
>
> Related: who's up for swapping layer 3 altogether?
All I ask is that whatever comes out of it have an unambiguous BNF
definition for its message format, without <prose-val> rules if at all
possible. (See also: "enable interoperability".) Bonus points for
defining the protocol itself as a finite state machine.
WebCrypto is a shitshow in large part because the people at its wheel
perceive a need for JavaScript programmers to make decisions about
what cipher mode to use. They're dead-set on forcing developrs who
write Javascript because C is hard to make low-level decisions that
affect the reliability of their code in profound and non-obvious ways,
and refuse to understand that this approach never ends well.
Cheers,
--mlp
More information about the cypherpunks
mailing list