W3C home > Mailing lists > Public > public-credentials@w3.org > November 2019

Re: Proposed work item: WebKMS

From: Orie Steele <orie@transmute.industries>
Date: Sat, 23 Nov 2019 11:22:40 -0600
Message-ID: <CAN8C-_+Miw31ZNW5yUFVrX2b+hGfpr5f=ROT3MqH0hviW3QPrQ@mail.gmail.com>
To: Oliver Terbu <oliver.terbu@consensys.net>
Cc: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials CG <public-credentials@w3.org>
Oliver, thanks for that link very interesting.

On first glance, these appear to be addressing some slightly different use

CSC appears to be focused on standard OAuth reliant API for remote
digital signatures, whereas webkms appears to be a facade on KMS
interfaces, with a not yet formalized authorization framework (although
ZCaps are mentioned).

I could see WebKMS being used underneath CSC potentially, to support
pluggable KMS integration.

I'm also interested in supporting this work, particularly around support
for https://www.w3.org/TR/WebCryptoAPI/#dfn-Crypto

I worry about the requirement for a standard HTTP API, does this mean that
webkms can ONLY be used to expose a kms with the ability to handle http
requests? I think this would eliminate the integration I mention above,
namely, a common interface for both browser and server cryptographic


On Sat, Nov 23, 2019 at 10:53 AM Oliver Terbu <oliver.terbu@consensys.net>

> How would the WebKMS work relate to the Cloud Signature Consortium:
> https://cloudsignatureconsortium.org/ /
> https://cloudsignatureconsortium.org/wp-content/uploads/2019/07/CSC_API_V1_1.0.4.0.pdf ?
> Seems like there is a lot of overlap!
> Oliver
> On Sat, Nov 23, 2019 at 5:39 PM Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>> Cryptographic authentication systems enable machines, individuals, and
>> organizations to more securely interact with one another. These systems
>> often use public-private key cryptography or encryption mechanisms in
>> order to manage cryptographic material as well as operations utilizing
>> that material. This specification provides a common data model and
>> interface for interacting with these systems enabling one to perform
>> secure cryptographic operations such as keypair creation, wrapping and
>> unwrapping, signing, encrypting, and decrypting.
>> https://digitalbazaar.github.io/webkms/
>> At this time, we are seeking another implementer that is willing to
>> collaborate on maturing remote key management on the Web and be a
>> co-sponsor/editor on the specification.
>> The request to add this as a work item to the CCG is here:
>> https://github.com/w3c-ccg/community/issues/99
>> -- manu
>> --
>> Manu Sporny (skype: msporny, twitter: manusporny)
>> Founder/CEO - Digital Bazaar, Inc.
>> blog: Veres One Decentralized Identifier Blockchain Launches
>> https://tinyurl.com/veres-one-launches

Chief Technical Officer

Received on Saturday, 23 November 2019 17:22:55 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:56 UTC