Add a new principle for crypto. (#310)

* Draft for #185.

* Remove reference to WebCrypto API following feedback from @sleevi

Co-authored-by: rhiaro <[email protected]>

Author: cynthia

index.bs

@@ -2506,6 +2506,14 @@ it also ensures a consistent development experience for the users.
 A good example where debuggability was defined as
 part of the specification is [Web Animations](https://www.w3.org/TR/web-animations-1/#use-cases).
 
+<h3 id="crypto">Use the best crypto, and expect it to evolve</h3>
+
+Use only cryptographic algorithms
+that have been impartially reviewed by security experts,
+and make sure your choice of algorithm is proven, and up-to-date.
+Not only do they become obsolete or insecure,
+cryptographic protocols and algorithms also evolve quickly.
+
 <h2 id="spec-writing">Writing good specifications</h2>
 
 This document mostly covers API design for the Web,