W3C home > Mailing lists > Public > public-credentials@w3.org > November 2019

Re: Proposed work item: WebKMS

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sat, 23 Nov 2019 20:13:22 -0500
To: public-credentials@w3.org
Message-ID: <05b56b4d-be34-053e-1750-57e5c89389f2@digitalbazaar.com>
On 11/23/19 12:22 PM, Orie Steele wrote:
> I'm also interested in supporting this work, particularly around 
> support for https://www.w3.org/TR/WebCryptoAPI/#dfn-Crypto

Yes, as are we... we haven't detailed the APIs yet, but the idea is to
have a general set of operations that are supported... sign, verify,
wrap, unwrap, etc. (like the CRUD operations that all DID Methods need
to support) defined, and then bindings to local APIs (e.g., Javascript
APIs) and remote APIs (HTTPS APIs with authz, including, but not limited
to, ZCAPs).

> I worry about the requirement for a standard HTTP API, does this
> mean that webkms can ONLY be used to expose a kms with the ability to
>  handle http requests? I think this would eliminate the integration I
>  mention above, namely, a common interface for both browser and
> server cryptographic interfaces...

No, that's not a goal (to limit to HTTP API). We want to make sure that
we can wrap the WebAuthn stuff as well as the AWS/Azure/Google Cloud HSM

-- manu

Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
Received on Sunday, 24 November 2019 01:13:28 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:56 UTC