- From: Orie Steele <orie@transmute.industries>
- Date: Sat, 23 Nov 2019 11:22:40 -0600
- To: Oliver Terbu <oliver.terbu@consensys.net>
- Cc: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <CAN8C-_+Miw31ZNW5yUFVrX2b+hGfpr5f=ROT3MqH0hviW3QPrQ@mail.gmail.com>
Oliver, thanks for that link very interesting. On first glance, these appear to be addressing some slightly different use cases. CSC appears to be focused on standard OAuth reliant API for remote digital signatures, whereas webkms appears to be a facade on KMS interfaces, with a not yet formalized authorization framework (although ZCaps are mentioned). I could see WebKMS being used underneath CSC potentially, to support pluggable KMS integration. I'm also interested in supporting this work, particularly around support for https://www.w3.org/TR/WebCryptoAPI/#dfn-Crypto I worry about the requirement for a standard HTTP API, does this mean that webkms can ONLY be used to expose a kms with the ability to handle http requests? I think this would eliminate the integration I mention above, namely, a common interface for both browser and server cryptographic interfaces... ᐧ On Sat, Nov 23, 2019 at 10:53 AM Oliver Terbu <oliver.terbu@consensys.net> wrote: > How would the WebKMS work relate to the Cloud Signature Consortium: > https://cloudsignatureconsortium.org/ / > https://cloudsignatureconsortium.org/wp-content/uploads/2019/07/CSC_API_V1_1.0.4.0.pdf ? > Seems like there is a lot of overlap! > > Oliver > > On Sat, Nov 23, 2019 at 5:39 PM Manu Sporny <msporny@digitalbazaar.com> > wrote: > >> Cryptographic authentication systems enable machines, individuals, and >> organizations to more securely interact with one another. These systems >> often use public-private key cryptography or encryption mechanisms in >> order to manage cryptographic material as well as operations utilizing >> that material. This specification provides a common data model and >> interface for interacting with these systems enabling one to perform >> secure cryptographic operations such as keypair creation, wrapping and >> unwrapping, signing, encrypting, and decrypting. >> >> https://digitalbazaar.github.io/webkms/ >> >> At this time, we are seeking another implementer that is willing to >> collaborate on maturing remote key management on the Web and be a >> co-sponsor/editor on the specification. >> >> The request to add this as a work item to the CCG is here: >> >> https://github.com/w3c-ccg/community/issues/99 >> >> -- manu >> >> -- >> Manu Sporny (skype: msporny, twitter: manusporny) >> Founder/CEO - Digital Bazaar, Inc. >> blog: Veres One Decentralized Identifier Blockchain Launches >> https://tinyurl.com/veres-one-launches >> >> -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Received on Saturday, 23 November 2019 17:22:55 UTC