Add RSA-PSS and RSA-OAEP, both with SHA-256, to the list of recommended
authorRyan Sleevi <sleevi@google.com>
Sun, 27 Jan 2013 20:58:23 -0800
changeset 25 4be87d65cee0
parent 24 60de9e02a40b
child 26 5a80f9413855
Add RSA-PSS and RSA-OAEP, both with SHA-256, to the list of recommended
algorithms. Clarify that the RSAPSS support is for SHA-1, with the intent being
the recognition of legacy algorithms.
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Mon Dec 17 19:59:49 2012 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Sun Jan 27 20:58:23 2013 -0800
@@ -2234,9 +2234,25 @@
             recommended algorithms. The recommended algorithms are: 
           </p>
           <ul>
-            <li><a href="#hmac">HMAC</a> using <a href="#alg-sha-256">SHA-256</a></li>
-            <li><a href="#rsassa-pkcs1">RSASSA-PKCS1-v1_5</a> using <a href="#alg-sha-256">SHA-256</a></li>
-            <li><a href="#ecdsa">ECDSA</a> using <a href="#dfn-NamedCurve-p256">P-256</a> curve and <a href="#alg-sha-256">SHA-256</a></li>
+            <li>
+                <a href="#hmac">HMAC</a> using <a href="#alg-sha-256">SHA-256</a>
+            </li>
+            <li>
+                <a href="#rsassa-pkcs1">RSASSA-PKCS1-v1_5</a> using
+                <a href="#alg-sha-256">SHA-1</a>
+            </li>
+            <li>
+                <a href="#rsa-pss">RSA-PSS</a> using <a href="#alg-sha-256">SHA-256</a>
+                and MGF1 with <a href="#alg-sha-256">SHA-256</a>.
+            </li>
+            <li>
+                <a href="#rsa-oaep">RSA-OAEP</a> using <a href="#alg-sha-256">SHA-256</a>
+                and MGF1 with <a href="#alg-sha-256">SHA-256</a>.
+            </li>
+            <li>
+                <a href="#ecdsa">ECDSA</a> using <a href="#dfn-NamedCurve-p256">P-256</a>
+                curve and <a href="#alg-sha-256">SHA-256</a>
+            </li>
             <li><a href="#aes-cbc">AES-CBC</a></li>
           </ul>
           <p>To see the results of test-cases between implementations, please see the [@@Upcoming]
--- a/spec/Overview.html	Mon Dec 17 19:59:49 2012 -0800
+++ b/spec/Overview.html	Sun Jan 27 20:58:23 2013 -0800
@@ -33,7 +33,7 @@
   <link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
 
   <body>
-    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>17 December 2012</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://ddahl.com/">David Dahl</a>, Mozilla Corporation &lt;ddahl@mozilla.com&gt;</dd><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;sleevi@google.com&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
+    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>27 January 2013</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://ddahl.com/">David Dahl</a>, Mozilla Corporation &lt;ddahl@mozilla.com&gt;</dd><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;sleevi@google.com&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
     (see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document&amp;resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy; view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>&reg;</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
 
     <div class="section">
@@ -61,7 +61,7 @@
         report can be found in the <a href="http://www.w3.org/TR/">W3C technical
           reports index</a> at http://www.w3.org/TR/.
       </em></p><p>
-        This document is the 17 December 2012 <b>Editor’s Draft</b> of the
+        This document is the 27 January 2013 <b>Editor’s Draft</b> of the
         <cite>Web Cryptography API</cite> specification.
       
       Please send comments about this document to
@@ -2243,9 +2243,25 @@
             recommended algorithms. The recommended algorithms are: 
           </p>
           <ul>
-            <li><a href="#hmac">HMAC</a> using <a href="#alg-sha-256">SHA-256</a></li>
-            <li><a href="#rsassa-pkcs1">RSASSA-PKCS1-v1_5</a> using <a href="#alg-sha-256">SHA-256</a></li>
-            <li><a href="#ecdsa">ECDSA</a> using <a href="#dfn-NamedCurve-p256">P-256</a> curve and <a href="#alg-sha-256">SHA-256</a></li>
+            <li>
+                <a href="#hmac">HMAC</a> using <a href="#alg-sha-256">SHA-256</a>
+            </li>
+            <li>
+                <a href="#rsassa-pkcs1">RSASSA-PKCS1-v1_5</a> using
+                <a href="#alg-sha-256">SHA-1</a>
+            </li>
+            <li>
+                <a href="#rsa-pss">RSA-PSS</a> using <a href="#alg-sha-256">SHA-256</a>
+                and MGF1 with <a href="#alg-sha-256">SHA-256</a>.
+            </li>
+            <li>
+                <a href="#rsa-oaep">RSA-OAEP</a> using <a href="#alg-sha-256">SHA-256</a>
+                and MGF1 with <a href="#alg-sha-256">SHA-256</a>.
+            </li>
+            <li>
+                <a href="#ecdsa">ECDSA</a> using <a href="#dfn-NamedCurve-p256">P-256</a>
+                curve and <a href="#alg-sha-256">SHA-256</a>
+            </li>
             <li><a href="#aes-cbc">AES-CBC</a></li>
           </ul>
           <p>To see the results of test-cases between implementations, please see the [@@Upcoming]