Hi,
Storing a key at the browser side it already a challenge (especially in webkit--see #245).
In our system in order to overcome this problem, we store the key in a password input field and then it is picked up by the browser's password manager. We then use a similar form to get it back (using browser's autocomplete and user input).
Based on that "trick" I was wondering if Web Crypto spec could pursuit a new "autocomplete" value (e.g., "cryptokey") akin to what WebAuthN is doing (see e.g., here). Then password managers could be leveraged to store private keys, just like the way they store passwords.
Hi, Storing a key at the browser side it already a challenge (especially in webkit--see #245).
In our system in order to overcome this problem, we store the key in a password input field and then it is picked up by the browser's password manager. We then use a similar form to get it back (using browser's autocomplete and user input).
Based on that "trick" I was wondering if Web Crypto spec could pursuit a new "autocomplete" value (e.g., "cryptokey") akin to what WebAuthN is doing (see e.g., here). Then password managers could be leveraged to store private keys, just like the way they store passwords.