Emily Stark

icon indicating a website link www.emilymstark.com icon indicating an email [email protected]

Results 25 comments of Emily Stark

[Remote CryptoKeys] Various questions and feedback

> Is there any intention to allow generating a key via this API? The proposal doesn't explicitly mention it, but the UI could offer to generate a key, if the...

Reject or ignore unknown signature metadata parameters?

I only skimmed this thread and haven't really digested anything in it, so apologies in advance if this comment is a non-sequitur. I know we are basically punting the postquantum...

[Remote CryptoKeys] Option for key access to be tied to browser storage policy?

(Warning: this comment is possibly tangential to this issue, and also I might be confused!) ISTM that even if the keys were tied to the browser storage policy, user consent...

[Remote CryptoKeys] Option for key access to be tied to browser storage policy?

> This proposal does intend for the keys to be origin-bound, as well. ISTM that this would have to be a different type of key -- one created and managed...

[Remote CryptoKeys] Problem statement explains why some alternatives are bad, but doesn’t explain why non-extractable keys are not sufficient

It's also, to my knowledge, impossible to store non-extractable Web Crypto keys in a truly persistent way, such as you would want for a long-term identity key. Is that part...