RE: Dealing with pre-provisioned keys

This is interesting (somewhat covered in section 2.8). Note that discovery of the underlying cryptographic modules is currently out of scope (section 4.4).

The way I see this happening is:

1) The underlying crypto service provider (e.g. smart card, OS key store, using PKCS#11 or similar) provides an enumeration of existing (pre-provisioned) keys
2) The WebCrypto API implementation enumerates the underlying crypto providers and individual keys, extracting key attributes, etc. How *this* happens is implementation-dependent
3) The WebCrypto API exposes these keys as part of the Crypto.keys attribute (KeyStorage interface), so that developers can perform lookups (see ISSUE-31 on looking up keys) and finally use the keys


Marcelo.


-----Original Message-----
From: Anders Rundgren [mailto:anders.rundgren@telia.com] 
Sent: Saturday, September 22, 2012 08:54
To: public-webcrypto-comments@w3.org
Subject: Dealing with pre-provisioned keys

Is there anybody out there interested in this topic?
In particular, how do *you* envision that pre-provisioned keys are discovered by the WebCrypto API?

The W3C Working Draft dated 13 September 2012 doesn't provide such information.

Anders

Received on Monday, 24 September 2012 18:14:30 UTC