ISSUE-31: Problems with keys attribute of the Crypto interface

Problems with keys attribute of the Crypto interface

State:
CLOSED
Product:
functional for Web Crypto API
Raised by:
Wan-Teh Chang
Opened on:
2012-08-27
Description:
The keys attribute of the Crypto interface is specified as follows:

interface KeyStorage {
readonly attribute unsigned long length;

getter Key getKey(unsigned long index);
deleter void removeKey(unsigned long index);
void clear();
};

interface Crypto {
...
readonly attribute KeyStorage keys;

...
};

This is the only key discovery method provided in the current API.
The keys attribute has three problems.

1. All operations that may potentially block should use an async API.
Getting the keys attribute of the Crypto interface is synchronous.
However, the underlying operation may potentially block because disk
or secure element access may be required to get the number of
persistent keys, which is needed to compute KeyStorage.length.

Similarly, the getKey method of the KeyStorage interface is
synchronous, but the underlying operation could require disk or secure
element access.

2. The keys attribute returns all the keys even though the application
may only want to look up a particular key. If the user agent has a large
number of keys for the origin, it may be forced to do a lot of unnecessary
work.

3. The KeyStorage interface forces the application to do a linear search
for a key in the KeyStorage, even though the underlying key storage may
be a hash table or structured database that supports more efficient lookups.

Proposed solution:

I propose we replace the keys attribute with a findKey method.

interface Crypto {
...

KeyFinder findKey(Dictionary criteria);
...
};

The 'criteria' dictionary may have the following members, intended
to match common Key attributes:
DOMString id;
AlgorithmIdentifier algorithm;
bool temporary;
bool extractable;
KeyUsage[] keyUsages;

// Other dictionary members will match user attributes inside
// Key.userAttributes
DOMString foo;
DOMString bar;
...

The members in the 'criteria' dictionary have the AND semantics: the
KeyFinder finds the keys that match all the members of the 'criteria'
dictionary.

interface KeyFinder : KeyOperation {
void find();
};

KeyFinder.result is a Key[] array.
Related Actions Items:
No related actions
Related emails:
  1. [minutes] Re: W3C Web Crypto WG - monday 4th of march (from wseltzer@w3.org on 2013-03-04)
  2. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from rbarnes@bbn.com on 2013-03-04)
  3. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from watsonm@netflix.com on 2013-03-04)
  4. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  5. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  6. RE: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from Virginie.GALINDO@gemalto.com on 2013-03-04)
  7. Re: W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from hhalpin@w3.org on 2013-03-04)
  8. W3C Web Crypto WG - agenda for our call on monday 4th of march @ 20:00 UTC (today) (from Virginie.GALINDO@gemalto.com on 2013-03-04)
  9. Re: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from watsonm@netflix.com on 2013-02-04)
  10. RE: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from Asad.Ali@gemalto.com on 2013-02-04)
  11. Re: W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from S.Durbha@cablelabs.com on 2013-02-04)
  12. W3C Web Crypto WG - agenda for our call today @ 20:00 UTC (from Virginie.GALINDO@gemalto.com on 2013-02-04)
  13. PROPOSAL: Close ISSUE-31 - Problems with keys attribute of the Crypto interface (from sleevi@google.com on 2013-01-31)
  14. Re: Named key access (was Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal ) (from sleevi@google.com on 2012-11-21)
  15. Re: Named key access (was Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal ) (from hhalpin@w3.org on 2012-11-21)
  16. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from watsonm@netflix.com on 2012-11-21)
  17. Named key access (was Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal ) (from sleevi@google.com on 2012-11-20)
  18. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from watsonm@netflix.com on 2012-11-19)
  19. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from sleevi@google.com on 2012-11-19)
  20. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from watsonm@netflix.com on 2012-11-19)
  21. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from sleevi@google.com on 2012-11-19)
  22. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from hhalpin@w3.org on 2012-11-19)
  23. Re: ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from watsonm@netflix.com on 2012-11-19)
  24. ISSUE-31 Re: KeyStorage and Pre-provisioned Keys: A proposal (from hhalpin@w3.org on 2012-11-19)
  25. Re: Rethinking KeyStorage (from watsonm@netflix.com on 2012-11-07)
  26. Re: Rethinking KeyStorage (from sleevi@google.com on 2012-11-07)
  27. Re: Rethinking KeyStorage (from watsonm@netflix.com on 2012-11-01)
  28. Rethinking KeyStorage (from sleevi@google.com on 2012-10-29)
  29. RE: crypto-ISSUE-31: Problems with keys attribute of the Crypto interface [Web Cryptography API] (from Vijay.Bharadwaj@microsoft.com on 2012-09-04)
  30. Re: crypto-ISSUE-31: Problems with keys attribute of the Crypto interface [Web Cryptography API] (from sleevi@google.com on 2012-08-31)
  31. RE: crypto-ISSUE-31: Problems with keys attribute of the Crypto interface [Web Cryptography API] (from Vijay.Bharadwaj@microsoft.com on 2012-08-28)
  32. Re: crypto-ISSUE-31: Problems with keys attribute of the Crypto interface [Web Cryptography API] (from sleevi@google.com on 2012-08-27)
  33. crypto-ISSUE-31: Problems with keys attribute of the Crypto interface [Web Cryptography API] (from sysbot+tracker@w3.org on 2012-08-27)

Related notes:

as decided during our call on the 4th of March, issue is closed.
http://www.w3.org/2013/03/04-crypto-minutes.html

Virginie GALINDO, 4 Apr 2013, 09:27:55

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 31.html,v 1.1 2017/02/13 16:16:51 ted Exp $