@WatsonLadd @kaepora @sleevi_ last I looked WebCrypto only non-normatively included RSASSA PkCS#1v1.5 *signatures* which are fine
-
-
@bascule@WatsonLadd@kaepora RSAES-PKCS1-v1_5. Along with RSA-OAEP, but no RSA-KEM -
@sleevi_@bascule@kaepora Yeah, that's the broken one. http://link.springer.com/chapter/10.1007%2FBFb0055716?LI=true#page-1 … -
@WatsonLadd@sleevi_@kaepora I am aware of the attacks. It wasn’t in older drafts of the WebCrypto API though -
@bascule@WatsonLadd@kaepora Um, it's been in since 2012 - http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/ … -
@sleevi_@WatsonLadd@kaepora anyway, it’s still all non-normative right? -
@bascule@WatsonLadd@kaepora All algs are non-normative. That said, it's very likely to be implemented, for purpose of legacy/interop -
@sleevi_@WatsonLadd@kaepora it would be nice if browser vendors had enough taste to avoid the ones with known attacks -
@bascule@WatsonLadd@kaepora So no RSA-OAEP either then, right? ;) - 2 more replies
New conversation -
-
-
@matthew_d_green@WatsonLadd@kaepora@sleevi_ certainly better than PKCS#1v1.5 encryption ;)
End of conversation
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.