openscreenprotocol icon indicating copy to clipboard operation
openscreenprotocol copied to clipboard

Published 20 hours ago verified publisher icon w3c

Consider removing support for P-521

Open sleevi opened this issue 4 years ago • 0 comments

A number of user agents intentionally decline to implement P-521, due to the significant performance overheads incurred relative to the limited security benefit provided in practice. For example, both Chrome and Firefox prohibit such certificates within TLS connections.

The current language includes P-521 as optional, as captured at https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L363-L371

This will likely exacerbate interoperability issues, and also arguably incompatible with the goal stated in Non-Functional Requirements, namely https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L206-L210

Suggestion: Remove P-521.

sleevi avatar Apr 06 '21 17:04 sleevi