Re: crypto-ISSUE-30 (where is the key ?): How does the application know where the key is stored ? [Web Cryptography API]

Matching an associated certificate is the best way to find the right
private key. The search criteria for the associated certificate should
be such that only the certificates associated with private keys stored
in the right smart card will match. Ideally the search criteria should
be narrow enough so that only one certificate (and therefore only one
private key) will match, so that we don't need to ask the user to
choose one.

We have explained this private key lookup method before, including at
the face-to-face meeting in July. I remember Karen and Asad considered
this method satisfactory. Karen, Asad, have you changed your opinion?
Or are you worried that the current API draft does not provide a way
to look up a private key by matching its associated certificate?


Received on Monday, 27 August 2012 22:08:58 UTC