openwallet-foundation / architecture-sig

This special interest group (SIG) is focused on conversations related to the architecture of digital wallet engines and is a sub-group reporting to the OpenWallet Foundation's Technical Advisory Committee.
Creative Commons Attribution 4.0 International

(doc): KMS conceptual isolated design strategies #51

Closed ehanoc closed 1 year ago

ehanoc commented 1 year ago

Rationale

As mentioned in our last meeting, I believe that the current KMS conceptual design was a bit too low level for this stage and, given the object-oriented spec, it lacks in my opinion the clear definition of where the application lives vs where the trusted / secure KMS lives. And the APIs defined seem to assume that one is aware of the other. I'm suggesting that it is extremely dangerous to build applications like that and we should learn from the past established standards and move forward into a more modern, cryptography-friendly system design.

Proposal

This PR attempts to build the case that we need to separate application and KMS not just logically but to make that a clear design and implementation choice. They should be effectively seen as 2 separate systems.

Hoping this is at least a conversation starting point.
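The following is an added illustration of the separation the PR argues for; it is not code from this PR or from the OpenWallet Foundation. It assumes HMAC-SHA256 as a stand-in for whatever signing primitive a wallet KMS would actually use, and an in-process `send(bytes) -> bytes` callable as a stand-in for a real IPC or network channel. The point it shows is that when the application and the KMS are two systems talking only through serialized messages and opaque handles, the application has no type that could ever hold key material, and non-extractability is enforced by the boundary rather than by convention: there is simply no "export" operation for it to call.

```python
import hashlib
import hmac
import json
import secrets
from typing import Callable


class KmsError(Exception):
    """Raised on the application side when the KMS refuses a request."""


class KmsService:
    """Trusted side of the boundary (hypothetical toy, not a real KMS).

    Key material lives only in self._keys and is addressed by opaque handles.
    The only way in or out is handle_request(), which speaks serialized
    messages, so nothing the application does can reach the bytes of a key.
    There is deliberately no 'export' operation.
    """

    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}

    def handle_request(self, raw: bytes) -> bytes:
        req = json.loads(raw)
        op = req.get("op")
        if op == "create_key":
            handle = secrets.token_hex(8)            # opaque, unguessable reference
            self._keys[handle] = secrets.token_bytes(32)  # HMAC key as stand-in
            return self._reply(ok=True, handle=handle)
        if op in ("sign", "verify"):
            key = self._keys.get(req.get("handle", ""))
            if key is None:
                return self._reply(ok=False, error="unknown handle")
            msg = bytes.fromhex(req.get("msg", ""))
            tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
            if op == "sign":
                return self._reply(ok=True, tag=tag)
            valid = hmac.compare_digest(tag, req.get("tag", ""))
            return self._reply(ok=True, valid=valid)
        return self._reply(ok=False, error=f"unsupported op {op!r}")

    @staticmethod
    def _reply(**fields) -> bytes:
        return json.dumps(fields).encode()


class WalletApp:
    """Untrusted side. Knows the KMS only as a send(bytes) -> bytes channel
    and stores nothing but handles; it has no field that could hold a key."""

    def __init__(self, send: Callable[[bytes], bytes]) -> None:
        self._send = send
        self.handles: list[str] = []

    def _call(self, **req) -> dict:
        resp = json.loads(self._send(json.dumps(req).encode()))
        if not resp.get("ok"):
            raise KmsError(resp.get("error", "request refused"))
        return resp

    def new_signing_key(self) -> str:
        handle = self._call(op="create_key")["handle"]
        self.handles.append(handle)
        return handle

    def sign(self, handle: str, message: bytes) -> str:
        return self._call(op="sign", handle=handle, msg=message.hex())["tag"]

    def verify(self, handle: str, message: bytes, tag: str) -> bool:
        return self._call(op="verify", handle=handle, msg=message.hex(), tag=tag)["valid"]

    def export_key(self, handle: str) -> bytes:
        """What a leaky, same-process API would offer. Here it can only fail:
        the KMS has no such operation and the app cannot reach its memory."""
        return bytes.fromhex(self._call(op="export", handle=handle)["key"])


if __name__ == "__main__":
    kms = KmsService()
    app = WalletApp(kms.handle_request)   # stand-in for a real IPC channel
    h = app.new_signing_key()
    tag = app.sign(h, b"credential presentation")
    print("verify:", app.verify(h, b"credential presentation", tag))
    try:
        app.export_key(h)
    except KmsError as e:
        print("export refused:", e)
```

Swapping `kms.handle_request` for a socket, a platform keystore client or a secure-element driver changes nothing on the `WalletApp` side, which is the property the PR is after: the application can be written, reviewed and tested without any knowledge of how or where keys are held.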