Now many discussions are goning on scopes of Web Cryptography working group charter. I think many of use-cases in cryptography API focused in certificate authority service with personal certificates.
But, this is hard to consider another working group because of PKI based systems too. (Most of countries has own national CA system based on plug-in issuing personal certificate such as China, Japan, Spain and Brazil etc.) So I suggested adding parallel works for *Web Certificates (Service)
API* supporting these. We can add these as a scope including TLS/SSL based login/out with personal certificate and its management api(backup, restore)
and follow up HSM based certificate.
Especially in Firefox, the validation of security device based on FIPS is already possible. (Other browser?) I guess Web Certificate Service API is needed to treat this kind of interfaces in future. Anyway we have better focus on primitive APIs for light-weight usecases. Because all browsers have own key stroage.
Please give a comment for my suggestions: