w3c / webappsec

Web Application Security Working Group repo
https://www.w3.org/groups/wg/webappsec/

Planning the 2024-04-17. #648

Closed mikewest closed 5 months ago

mikewest commented 6 months ago

Let's plan out the agenda for 2024-04-17 here.

Followup from March includes:

  1. Introducing @simoneonofri as our W3C support.
  2. Digging into https://github.com/explainers-by-googlers/document-isolation-policy/; @camillelamy would you be interested in discussing this further?
  3. E2E email (https://github.com/WebKit/explainers/tree/main/remote-cryptokeys and a still-to-come followup): @hober and/or @marcoscaceres, interested in chatting through this next month?

There might also be further discussion necessary for the Web Crypto integration of Ed25519 that we should plan for.

Anything else come to mind?

camillelamy commented 6 months ago

I'd be happy to chat more about Document-Isolation-Policy.

plehegar commented 6 months ago

Note that, given the lack of proposal, we're now proposing to remove E2E email from the charter (deadline for response is April 17). It could always be added at a later date through a new proposal.

marcoscaceres commented 6 months ago

We put up https://github.com/WebKit/explainers/blob/main/cryptographic-message-syntax-API/README.md as an explainer... it would be great to figure out how to add that to the Charter still, like as a quick recharter or whatever.

mikewest commented 6 months ago

@marcoscaceres would someone from Apple (you, @jonchoukroun, @hober, etc?) be interested in discussing the E2E proposals at the next meeting?

@twiss, @javifernandez, any followup on Ed25519 that we should try to make time for?

Anything else on folks' minds?

javifernandez commented 6 months ago

> @twiss, @javifernandez, any followup on Ed25519 that we should try to make time for?

I tried to summarize here the pending issues; I believe the only source of disagreement is on how to reflect in the spec the request from Apple to allow randomized signatures. Perhaps it'd be worth discussing it in the meeting. Additionally, Firefox is implementing extra checks for small-order points, which I'm not sure the rest of the engines will follow.

mikewest commented 6 months ago

Thanks, @javifernandez. Let's see if we can reserve a few minutes for any discussion that might be necessary.

@marcoscaceres, @jonchoukroun, @hober: Friendly ping on the question above, as @dveditz and I would like to solidify the agenda soon. If you'd like time to discuss E2E proposals, I think we can find it. :)

marcoscaceres commented 5 months ago

Sorry for the delay @mikewest. Tentative yes from me.

Here is the other proposal just in case: https://github.com/WebKit/explainers/tree/main/remote-cryptokeys

mikewest commented 5 months ago

Agenda is up at https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-04-17-agenda.md. I don't think we'll have time for Web Crypto, @javifernandez; if more discussion on those topics would be helpful, we can try to squeeze something in, but I'd like to make sure @marcoscaceres can reasonably introduce the E2E proposals on the one hand, and give @camillelamy more than 1m to introduce the document isolation policy proposal. :)

twiss commented 5 months ago

@marcoscaceres Just in case you haven't seen it, a bunch of comments and questions on the Remote Cryptokeys proposal have been raised in https://github.com/WebKit/explainers/issues?q=is%3Aissue+Remote+CryptoKeys. It might be interesting to discuss those, if you're not already planning to address them.

Frosne commented 5 months ago

> > @twiss, @javifernandez, any followup on Ed25519 that we should try to make time for?
>
> I tried to summarize here the pending issues; I believe the only source of disagreement is on how to reflect in the spec the request from Apple to allow randomized signatures. Perhaps it'd be worth discussing it in the meeting. Additionally, Firefox is implementing extra checks for small-order points, which I'm not sure the rest of the engines will follow.

Hi, my name is Anna; I am also from Mozilla (NSS). I am responsible for the WebCrypto implementation of Ed25519. Would it be possible for me to participate in the meeting?

Thanks!