Re: crypto-ISSUE-38: Key initialization and "finalization" [Web Cryptography API] from Wan-Teh Chang on 2012-09-07 (public-webcrypto@w3.org from September 2012)

From: Wan-Teh Chang <wtc@google.com>
Date: Fri, 7 Sep 2012 11:47:24 -0700
To: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
Cc: Ryan Sleevi <sleevi@google.com>, Web Cryptography Working Group <public-webcrypto@w3.org>
Message-ID: <CALTJjxF9RZP7DUD6+9afYR+O5wfnfB9vVV0B387H=ObuA-dM2w@mail.gmail.com>

On Thu, Sep 6, 2012 at 10:54 PM, Vijay Bharadwaj
<Vijay.Bharadwaj@microsoft.com> wrote:
>
> One thing we might want to think about - what should happen
> if a user who has thus finalized his RSA encryption key wants
> to get a new certificate with the same key?

Another idea would be to add a method that generates a
proof-of-possession for a certificate request. For RSA keys, this
would be a specialized sign operation that only signs specific kinds
of input.

Wan-Teh

Received on Friday, 7 September 2012 18:47:52 UTC