W3C home > Mailing lists > Public > public-webcrypto@w3.org > August 2012

Re: crypto-ISSUE-26 (multi-origin access): Should key generation be allowed to specify multi-origin shared access [Web Cryptography API]

From: Wan-Teh Chang <wtc@google.com>
Date: Fri, 24 Aug 2012 12:11:12 -0700
Message-ID: <CALTJjxE+tfYSy4MQN5JDLNY7CbH4k8fo4jBHWNic9pYy2qOYTg@mail.gmail.com>
To: Ryan Sleevi <sleevi@google.com>, Mountie Lee <mountie.lee@mw2.or.kr>
Cc: Seetharama Rao Durbha <S.Durbha@cablelabs.com>, David Dahl <ddahl@mozilla.com>, Web Cryptography Working Group <public-webcrypto@w3.org>
The "certificate-private key pair" use case, which Mountie just
described in detail, is a well-known use case that requires
multi-origin access to keys.

I am not proposing we solve that problem in the first version of the
API, but we should design the API so that it could support the
"certificate-private key pair" use case in the future. This seems to
require adding an input argument related to key access control to the
generateKey() method. We could require that input argument be "same
origin policy" in the first version of the API.

Received on Friday, 24 August 2012 19:11:39 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:01:25 UTC