RE: Dealing with pre-provisioned keys

This is interesting (somewhat covered in section 2.8). Note that discovery of the underlying cryptographic modules is currently out of scope (section 4.4).

The way I see this happening is:

1) The underlying crypto service provider (e.g. smart card, OS key store, using PKCS#11 or similar) provides an enumeration of existing (pre-provisioned) keys
2) The WebCrypto API implementation enumerates the underlying crypto providers and individual keys, extracting key attributes, etc. How *this* happens is implementation-dependent
3) The WebCrypto API exposes these keys as part of the Crypto.keys attribute (KeyStorage interface), so that developers can perform lookups (see ISSUE-31 on looking up keys) and finally use the keys


-----Original Message-----
From: Anders Rundgren [] 
Sent: Saturday, September 22, 2012 08:54
Subject: Dealing with pre-provisioned keys

Is there anybody out there interested in this topic?
In particular, how do *you* envision that pre-provisioned keys are discovered by the WebCrypto API?

The W3C Working Draft dated 13 September 2012 doesn't provide such information.


Received on Monday, 24 September 2012 18:14:30 UTC