Open twiss opened 5 months ago
Is there any intention to allow generating a key via this API? The proposal doesn't explicitly mention it, but the UI could offer to generate a key, if the user doesn't have one?
Somewhat related to this, the Security & Privacy Considerations section says that keys should be domain-scoped (though I imagine that should rather be origin-scoped), but it's not clear how this would be accomplished for pre-existing keys, and there's no specified way to generate keys. In other words, how do we determine the origin that a key belongs to, if it wasn't generated by the browser on behalf of a particular origin?
Thanks for the feedback @twiss and @estark37.
getRemoteKey
method would be required to get the CryptoKey
handle. This means the calling web app will know quickly whether it has a key or not.The intention is for all keys used by this API to be origin-scoped, however it’s still open for debate how we should enforce that in the spec. Is it enough for the spec to recommend implementers require that keys are origin-scoped and perform a validation?
Do you mean that, if the user has an S/MIME certificate for alice@example.com, they can only access the key from https://example.com?
I worry that it wouldn't be super useful because you might have a mail app on mail.example.com serving email for @example.com, or even for entirely different domains (if the user uses their own custom domain, for example).
So I think it would be more useful if the app could request the key for any S/MIME certificate; if the user gives permission for that, of course. Perhaps the permission could be dependent on the app being selected as the user's email client / mailto:
handler, or something like that? (Of course that would make it very email-specific, but some parts of the proposed API already seem somewhat email-specific to me, TBH, so maybe that's OK?)
Hi! Here are some thoughts and suggestions on the “remote” CryptoKeys explainer.
First of all, as an aside, I wanted to mention that there is an old proposal for key discovery in Web Crypto. To my knowledge it was never implemented, and I assume it doesn't meet your needs, but it may serve as an inspiration for the spec, and I think there are some differences that would be good to copy here, more on which below.
First, some high-level questions:
CryptoKey
object returned bygetRemoteKey
, but the description ofgetRemoteKey
does describe querying for a key and throwingNotFoundError
if none is found. Which is intended? (I think the latter seems more useful, so that the application knows as soon as possible whether it has a key it can use.)Then, some more low-level nitpicks:
interface RemoteKey : Key
, and put the remote-key-specific fields on the key directly, rather than on the algorithm, and leave the algorithm field intact, since the format of the key material differs per algorithm, so a given key can't be used with any algorithm.RemoteKeyParams
extendAlgorithm
, and only include the params that can be used to query a key (i.e. removeexpiresAt
, presumably). Also,name: "remote"
seems redundant, and it would seem useful to me to also (separately) pass the algorithm that the application wants a key for? Otherwise, the browser doesn't know what kind of key to query (or generate).remoteKey.algorithm.name
indicate the algorithm that the key is intended to be used with (since the parameters required to use the key differ per algorithm). But, doing it that way also seems risky because the application would need to have support for all algorithms that the key's intended algorithm could possibly be. So it would seem better to me to allow passing the (list of?) algorithm(s) that the application supports.UserKey
having auserIdentifier
property, for example.