Legacy algorithms

[jedisct1]

Should wasi-crypto require implementations to support (still) widely used, but deprecated algorithms?

Should it support MD5, SHA1, DES? Should it support RC4? ECB?

How to handle legacy algorithms that no new code should use, but that people may still ask for due to legacy applications?

[programmerjake]

See also: https://github.com/WebAssembly/WASI-crypto/pull/10#issuecomment-598350244

[ueno]

I would leave algorithm selection to the host implementation, because there are several different aspects on which algorithms should be enabled, e.g., industry working with the US government may be required to restrict the set of enabled algorithms based on FIPS-140. For that purpose Fedora and RHEL have a system-wide mechanism to control the enabled algorithms through crypto-policies.

The WASI API could simply propagate the error if the algorithm is not enabled by the underlying (system) crypto libs.