[Webkit-unassigned] [Bug 172758] [GTK] Enable SUBTLE_CRYPTO in GTK+ releases

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Aug 8 05:43:27 PDT 2017


--- Comment #15 from Michael Catanzaro <mcatanzaro at igalia.com> ---
OK, so the only part of the WebCrypto API that is not SubtleCrypto is the get random numbers function?

(In reply to Zan Dobersek from comment #13)
> IMO we don't need an additional flag. The existing one should be turned on
> unconditionally, but for it to work the libgcrypt dependency has to be of
> 1.7.0 version at minimum.

We have a distributor that wants to upgrade WebKit but isn't able to upgrade gcrypt for whatever reason (probably enterprise security policy). They have gcrypt 1.5.8. And anyway, Ubuntu having only 1.6.5 indicates this really must have a build flag.

I would still expose a flag named ENABLE_WEB_CRYPTO flag and keep ENABLE_SUBTLE_CRYPTO private. ENABLE_SUBTLE_CRYPTO is fine to use in our code, if Jiewen doesn't want to rename it, but I still think it's too low-level to expose as a public option. We can make ENABLE_WEB_CRYPTO toggle ENABLE_SUBTLE_CRYPTO via a dependency.

(In reply to Zan Dobersek from comment #13) 
> The drawback is that at this point enabling SUBTLE_CRYPTO also exposes the
> prefixed WebKitSubtleCrypto interface, which would be deprecated in the
> future. But I don't remember this being a blocker in the past.

I don't really care. It would probably be better for web compatibility to match Apple anyway.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170808/3231572d/attachment.html>

More information about the webkit-unassigned mailing list