
RE: Proposed work item: WebKMS

From: Michael Herman (Parallelspace) <mwherman@parallelspace.net>
Date: Tue, 26 Nov 2019 17:11:12 +0000
To: Anders Rundgren <anders.rundgren.net@gmail.com>, Stephen Curran <swcurran@cloudcompass.ca>, "Liam R. E. Quin" <liam@fromoldbooks.org>
CC: Manu Sporny <msporny@digitalbazaar.com>, Adrian Gropper <agropper@healthurl.com>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <MN2PR13MB2608BC192D9ADC3F8DA23166C3450@MN2PR13MB2608.namprd13.prod.outlook.com>
Perhaps what I'm about to suggest is one layer up from a Key Management Service... that is, Data Registries and Data Notaries...

Check out https://hyperonomy.com/2019/11/21/trusted-digital-web-levels-of-universal-trust/

Best regards,

Michael Herman

Self-Sovereign Blockchain Architect

Hyperonomy Digital Identity Lab

Parallelspace Corporation

-----Original Message-----
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Sent: November 25, 2019 2:09 PM
To: Stephen Curran <swcurran@cloudcompass.ca>; Liam R. E. Quin <liam@fromoldbooks.org>
Cc: Manu Sporny <msporny@digitalbazaar.com>; Adrian Gropper <agropper@healthurl.com>; W3C Credentials Community Group <public-credentials@w3.org>
Subject: Re: Proposed work item: WebKMS

On 2019-11-25 20:11, Stephen Curran wrote:

> In Aries, we're using KMS to mean "Key Management Service" to address the concerns raised by Anders, where in addition to managing the keys, operations like sign, encrypt, etc. are performed by the service.

I see.

In SKS/KeyGen2 these operations are not only separated by nomenclature (Key management versus User API), but by different security models since Key management in SKS is performed by an attesting, session-based, transactional, end-2-end-secured API intended for usage with the KeyGen2 on-line protocol, while User API methods such as sign, encrypt, etc. are only permitted by locally trusted SW.

To me WebKMS appears to be more like a Web version of PKCS #11.



> On Mon, Nov 25, 2019 at 11:05 AM Liam R. E. Quin <liam@fromoldbooks.org> wrote:
>
>     On Mon, 2019-11-25 at 18:22 +0100, Anders Rundgren wrote:
>      > If I may comment on your proposed work item, I'm not entirely
>      > comfortable with the name because AFAIK the term KMS usually only
>      > refers to management of keys and not to cryptographic operations like
>      > sign, wrap, etc.
>
>     It can also refer to Knowledge Management Systems - many in the
>     RDF/SemWeb world will have that background, so make sure to introduce
>     the expansion early on.
>
>     Liam
>
>     --
>     Liam Quin, https://www.delightfulcomputing.com/
>     Available for XML/Document/Information Architecture/XSLT/
>     XSL/XQuery/Web/Text Processing/A11Y training, work & consulting.
>     Barefoot Web-slave, antique illustrations:
>     http://www.fromoldbooks.org
>
> --
> Stephen Curran
> Principal, Cloud Compass Computing, Inc. (C3I) Technical Governance
> Board Member - Sovrin Foundation (sovrin.org)
>
> Schedule a Meeting: https://calendly.com/swcurran/


Received on Tuesday, 26 November 2019 17:11:20 UTC
