Distribute explainer to browser vendors #3
Comments
|
That's a really good point. I've opened mozilla/standards-positions#637 and commented in w3c/webcrypto#73 for now. |
|
What can the uninitiated do to help this? As a JS developer I've been working on several projects that could benefit from support streaming because as of now my work either involves placing artificial limits on data sizes or rolling my own contrived Is that even the right thing to do? Stack Overflow is littered with never roll your own panic everywhere. ChatGPT, Google, Bing, etc. searches reveals very little on how to correctly chunk data for non-streaming encryption. Basically if someone were interested in encrypting large data in the browser they are screwed because no-one anywhere wants to show them how to write their own blessed As a JS Dev I find my hands tied behind my back when wanting to help this effort make it to modern browsers. We got Thanks. |
|
We're currently working on moving this repo to WICG, which should give it more visibility among browser developers. The plan was always to do this, but it had been stalled for a while because the intention was to merge these APIs into the Web Crypto API spec, and for a long time that spec was not under any active W3C working group, so it could not be effectively maintained or updated. That problem has now been solved, and things are back on track. That said, since this proposal has been largely inactive for that time, there are a number of things that could be moved forward with the proposal itself (not in relation to Web Crypto API) that haven't yet been. Although the explainer describes a number of APIs that take As for what you can do now, please open and comment on any issues you see with the explainer (or even with what's currently written in the spec text, if that's something you're able to do). I think this is the most important thing that can be done at this point in time. Commenting on the Mozilla standards position was good to show developer interest, although I would have done it after the move to WICG was finished. At some point, when we have more confidence that the API is good, we would also be opening a Webkit standards position issue and a Chrome issue, and commenting there will also be helpful. However, even in the best case, this could take years to make it into browsers. That's simply how web standards work, unfortunately. After all, we don't want to rush things and end up with what ends up being a bad APIs stuck in browsers forever with no way to fix it. |
|
@andreubotella Thank you very much. that was very insightful. In the mean time, is there a non-crypto workaround? Can one manually chunk data in a way they could encrypt/decrypt stream chunks (assuming the chunks are full payloads each)? Though perhaps not ideal is that possible? And if so is there any literature or code examples of writing your own |
See wormhole-crypto, or crypto-stream for typescript. |
We should send the explainer and this repo to browser engineers working on Web Crypto support. This will allow them to give feedback on the current proposal, and if they have principal objections to / support for this proposal.
We should post it to mozilla/standards-position, webkit-dev, and a relevant Chromium mailing list (I am unsure which one though).
The text was updated successfully, but these errors were encountered: