-
Notifications
You must be signed in to change notification settings - Fork 194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Source of Recommended/Discouraged algorithms #38
Comments
One possible explanation for why Interestingly in the project's table among asymmetric algorithms only elliptic curve based algorithms are recommended and all While some algorithms can be preferable for some use cases over the others personally I don't see why some subset of algorithms should deprecate all others. |
I don't understand. The only asynchronous encryption/decryption methods explained here is RSA-OAEP - and that's discouraged (though I didn't find any reference in the W3C specs). Web-Crypto doesn't make much sense if it leaves us without reliable async crypto .. ? |
@secumundo You can use ECDH for asynchronous encryption by deriving a shared key and using that key for AES encryption. |
(I'm not sure if this is appropriate for a github issue but I couldn't find a better place)
In the "Web Cryptography API Live Table" some algorithms are marked as "Recommended" and others are "Discouraged! Only use for backwards compatibility!" What is the source of this classification?
I had a quick look at spec and didn't find it there. Though I did find "suggested" algorithms here and according to the list
AES-CBC
is suggested/recommended, while according to the project's table it'sAES-GCM
which is recommended and all other cypher modes are "discouraged".The text was updated successfully, but these errors were encountered: