Re: Key id

From: Wan-Teh Chang <wtc@google.com>
Date: Thu, 6 Sep 2012 19:17:31 -0700
Message-ID: <CALTJjxHV34_tGic4qBLQjAGni+aDJpP7YWJzxHt7bvUeFQY2Lw@mail.gmail.com>
To: Mitch Zollinger <mzollinger@netflix.com>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>

On Tue, Sep 4, 2012 at 12:07 PM, Mitch Zollinger <mzollinger@netflix.com> wrote:
> Regarding Section 11.2:
>
> id
>
> For all Keys visible within a given origin, each Key shall have a unique,
> opaque identifier assigned that may be used to uniquely identify that Key
> within the set of keys.
>
> Within the same origin, if two Keys are created from the same underlying
> keying material, they MUST share the same id.
>
>
> What is meant by "if two Keys are created from the same underlying keying
> material" here?

When I reviewed the current draft today, I also found this paragraph
to be unclear. Perhaps change "the same underlying keying material" to
"the same key in the underlying cryptographic provider" or "the same
underlying key", or simply remove the paragraph.

The next paragraph doesn't seem necessary:

    Within multiple origins, if two Keys are created from the
    same underlying keying material, they SHOULD be
    assigned distinct key identifiers.

This is easy to accomplish (for example, by including the origin in
key identifiers), but I can't figure out the rationale behind this
recommendation.

Wan-Teh
Received on Friday, 7 September 2012 02:17:58 GMT
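
One way to include the origin in key identifiers while keeping them opaque, so that the same underlying key gets one id within an origin and distinct ids across origins. This is an added example, not part of the original message or the draft; `keyIdFor`, the user-agent secret and the provider key handle are assumptions made for illustration.

```javascript
// Added example: per-origin opaque key ids (not from the Web Crypto draft).
const crypto = require('node:crypto');

// Assumption: the user agent holds a random secret that never leaves it,
// so pages cannot recompute or correlate ids themselves.
const UA_SECRET = crypto.randomBytes(32);

// Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
function encodeField(value) {
  const body = Buffer.from(value, 'utf8');
  const len = Buffer.alloc(4);
  len.writeUInt32BE(body.length);
  return Buffer.concat([len, body]);
}

// origin: serialized origin, e.g. "https://a.example"
// providerKeyHandle: hypothetical stable name that the underlying
// cryptographic provider uses for the key.
function keyIdFor(origin, providerKeyHandle, secret = UA_SECRET) {
  return crypto
    .createHmac('sha256', secret)
    .update(encodeField(origin))
    .update(encodeField(providerKeyHandle))
    .digest('base64url');
}

// Constructed sample values: one underlying key seen from two origins.
function demo() {
  const a1 = keyIdFor('https://a.example', 'slot0/key7');
  const a2 = keyIdFor('https://a.example', 'slot0/key7');
  const b1 = keyIdFor('https://b.example', 'slot0/key7');
  return {
    sameOriginStable: a1 === a2,      // same origin, same key: same id
    crossOriginDistinct: a1 !== b1,   // other origin, same key: other id
    a1,
    b1,
  };
}

console.log(demo());
```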