ISSUE-16: Definition for Key Expiration
Definition for Key Expiration
- State:
- CLOSED
- Product:
- Web Cryptography API
- Raised by:
- Ryan Sleevi
- Opened on:
- 2012-08-06
- Description:
- During the July Face-to-Face, the topic of Key Expiration was raised. However, a solid definition is lacking for what the semantics should be.
Argument for Implementation Semantics:
- Expiration could serve as a quota-management technique. Keys may represent expensive resources, particularly in constrained environments. Therefore, an understanding of how long a key is supposed to live may allow a user agent to remove 'expired' keys over time.
Argument for Application Semantics:
- Expiration should have no specific meaning to the implementation; it is simply provided to the application in an advisory capability to inform the application how a key can/should be used. This is particularly important for implementations that use pre-existing cryptographic APIs, such as OS APIs, as the underlying API may enforce these semantics. An example was given for a keypair where the private key may no longer be able to sign messages after a particular date, but the associated public key may be used to verify existing messages.
Should expiration be handled on a per-application basis in the custom attributes, or is it a global attribute on all Key types that should be managed by the User Agent? - Related Actions Items:
- No related actions
- Related emails:
- Draft minutes, 9/4 call (from wseltzer@w3.org on 2012-09-04)
- Code: 83263 / Re: W3C Web Crypto WG - agenda for 4th of sept call - today (from wseltzer@w3.org on 2012-09-04)
- W3C Web Crypto WG - agenda for 4th of sept call - today (from Virginie.GALINDO@gemalto.com on 2012-09-04)
- Re: Closing ISSUE-16 (from wtc@google.com on 2012-08-31)
- Closing ISSUE-16 (from sleevi@google.com on 2012-08-30)
- [W3C Web Crypto WG] functional features list in draft API and issue tracker (from Virginie.GALINDO@gemalto.com on 2012-08-22)
- Re: [W3C Web Crypto WG] functional features list in draft API and issue tracker (from sleevi@google.com on 2012-08-21)
- [W3C Web Crypto WG] functional features list in draft API and issue tracker (from Virginie.GALINDO@gemalto.com on 2012-08-21)
- Re: New Editor's Draft (from sleevi@google.com on 2012-08-17)
- RE: New Editor's Draft (from Vijay.Bharadwaj@microsoft.com on 2012-08-14)
- RE: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from Vijay.Bharadwaj@microsoft.com on 2012-08-14)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from ddahl@mozilla.com on 2012-08-09)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from sleevi@google.com on 2012-08-09)
- Re: New Editor's Draft (from sleevi@google.com on 2012-08-09)
- Re: New Editor's Draft (from sleevi@google.com on 2012-08-09)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from hhalpin@w3.org on 2012-08-08)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from ddahl@mozilla.com on 2012-08-08)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from hhalpin@w3.org on 2012-08-08)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from mountie.lee@mw2.or.kr on 2012-08-06)
- crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from sysbot+tracker@w3.org on 2012-08-06)
- New Editor's Draft (from sleevi@google.com on 2012-08-05)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from sleevi@google.com on 2012-08-05)
- Re: crypto-ISSUE-16: Definition for Key Expiration [Web Cryptography API] (from sleevi@google.com on 2012-08-05)
Related notes:
No additional notes.
Display change log