- From: Ryan Sleevi <sleevi@google.com>
- Date: Tue, 4 Sep 2012 16:13:35 -0700
- To: Ali Asad <Asad.Ali@gemalto.com>
- Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
On Tue, Sep 4, 2012 at 11:08 AM, Ali Asad <Asad.Ali@gemalto.com> wrote: > Hi, > > > > I have a comment to clarify the following sentence in section 5.4 > > > >>> > > Additionally, this API does not deal with or address the discovery of > cryptographic modules, as such concepts are dependent upon the underlying > user agent and are not concepts that are portable between common operating > systems, cryptographic libraries, and implementations. > >>> > > > > I understand the discovery of specific cryptographic modules is outside the > scope. However, I am assuming the this text in the document does not > implicitly rule out discovery of keys stored in external storage such as > smart cards. Though key discovery is not in the current spec, it will be > worked on later, at which point it should be possible to select keys that > reside in smart cards. > > > > Best regards, > > --- asad Correct. My mental model for such language has been with something akin to the First Amendment - "The WG should make no requirements preferring a particular type of key storage, nor prohibit the various types of key storage that may exist." Also, the WG shouldn't try to enumerate or classify key storage - no need to bring about that crisis quite yet. And to be clear - key discovery doesn't guarantee that it will be possible, since it's up to the implementations to support it. But the general process of "taking advantage of keys that already exist" - regardless of storage - should be handled via discovery.
Received on Tuesday, 4 September 2012 23:14:03 UTC