Closed marekaf closed 3 years ago
Hello -
We haven't had any requests yet to support this. If it is needed in your jurisdiction, it is something we can evaluate.
Let us know if this is a blocker for you and what kind of timeline would be needed.
hi @mikehelmick thanks for the answer,
There is a lot of European Union countries trying to implement this as soon as possible. We have integration/e2e testing scheduled in about 7-10 days, prod rollout before the end of month AFAIK.
Some countries are building their own key servers, we are trying to use upstream for as long as possible but this might force us to fork it. We are currently evaluating if the fork is needed or not while architecting the new solution.
Any help from you guys would be highly appreciated, it is quite a blocker for us.
Thanks a lot!
I'm don't think we can meet that timeline of having this production ready by the end of the month. The EFGS federation protocol is quite different from the one that we already implement for federation.
If you wanted to contribute code back to this repo to enable that, we would be available to review (it requires assigning copyright to Google and singing our Common Licensing Agreement).
I think that we will need to support this eventually, but have a pretty full schedule in front of us right now.
I understand that. Honestly I don't understand the current federation implementation in key server - can't find proper docs for that. I'll try to dig into the code to see if we can reuse some of it or, as you say, reimplement it for EFGS.
At least I know now for sure that it is not compatible with EFGS, not sure why they decided to go 'their way'.
I didn't expect you could re-prioritize this but I'm glad to hear that this is probably going to be supported eventually. Please let me know if there's any ETA on that.
Thanks!
Note: The EFGS protocol is not compatible w/ v1.5 level exports and revised keys.
update - I'm have done a full review of the EFGS protocol and implementation.
I'm in communication with that team and working out what a compatibility model would look like
This issue is stale because it has been open for 14 days with no activity. It will automatically close after 7 more days of inactivity.
@mikehelmick I see an open PR on the EFGS that is in review, any updates on that front?
coding is in progress
/assign @whaught
Work tracking (list not currently complete
Thinking about this a bit more - if we upload only valid keys ( and not export padding), the EFGS re-publishing will leak our padding. I think we need
Quick update for the community.
This work is currently on hold as we assess global roaming solutions.
/close
We are not able to proceed with this work at this time. We will revisit in the future if this work becomes feasible.
@mikehelmick: Closing this issue.
Hello 👋 Do you plan on supporting EFGS project somehow? (open sourced with docs here, architecture spec here)
Briefly, the project is described as
We are currently evaluating how can we extend key server's functionality to support EFGS and it would be great to know if there's any support / feature (in this repo or another) from Google already.
Thanks!