Describe assumptions and guidelines on key management #13
Comments
|
This draft could address the key discovery mechanism, and leave the process to provision keys to implementations. Specifically, identifier or name based discovery could be a good candidate to accommodate different scales, and is also aligned with the current WebCrypto spec on the key discovery. A small managed network may share a common and small set of keys pushed by an admin periodically via a secure channel. When stored as key-value pairs, where a name is mapped to a set of encryption keys, the set of encryption keys can retrieved with the given name or id if such a mapping exists, and trial decryption can be used if the set contains more than one key. A fail-to-decrypt error can be declared when no encryption key set is present, the set is empty or the decryption fails with the retrieved key set. In a more advanced form, the encryption key store can be servicified, not necessarily co-located on the same device, and use appropriate authentication techniques. This approach can be extended to support flexible key rotation and also origin-specific keys if needed. |
|
Do you have some text in mind here? |
No description provided.
The text was updated successfully, but these errors were encountered: