►
From YouTube: WG-KMS Bi-Weekly Meeting for 20220412
Description
WG-KMS Bi-Weekly Meeting for 20220412
A
A
Met
week,
so
what
updates
do
folks
have
for
us
today?
B
Yeah,
so
happily
we
have
no
issues.
So
I
worked
on
the
issue
that
was
assigned
to
me,
which
was
for
the
reference
library,
and
so
there
were
a
couple
of
things
that
I
needed
to
do
and
there
were.
There
was
also
a
reference
to
the
work
of
that
I
niched
previously,
so
I
yeah
created
a
branch
where
we
have
kind
of
a
local
keg
which
is
rotated
in
certain
circumstances
and
we
use
asgcm.
A
All
right,
so,
let's
see
so,
I
see
you
said
that
metrics
are
missing.
So
what?
What
did
you
work
on
implementing
exactly?
Let's
see
a
decrypt
service.
B
So
so
I
use
the
specification
for
the
service
and
created
one
and
in
between,
we
have
so
device.
Basically,
three
files,
one
is
asgcm
where
we
encrypt
and
decrypt
with
asgcm,
and
the
second
file
is
the
file
which
is
called
managed,
which
basically
maintains
with
the
el
ru
cash
as
initiated
several
versions
of
the
keys,
and
we
rotate
them
if
necessary,
or
we
can
reinitiate
old
keys
yeah
that
we
don't
have
in
the
cache.
But
we
receive
in
the
decryption
request
and
then
the
third
one
is
basically
wiring
up
to
the
servers.
B
So
I
did
number
one
keygenres
for
looking
gas.
I
did
number
two
rotation
based
on
counter
and
weekly
number
three
encryption
using
is
aas
g7
for
the
with
the
metrics
I
didn't
do
yet.
I
added
some
logging
and
I
externalized
the
encryption
for
local
tech,
which
right
now
is
just
basically
an
interface
where
the
person
who
who
implements
it
with
the
absolute
currency
specified
okay.
So
this
is
where,
like
azure
keyword,.
A
Okay,
so
let's
see
some
high
level
questions
I
would
have
is
how
would
we,
how
would
we
use
this
reference
implementation
in
the
situation
where
you
don't
want
a
key
hierarchy.
B
With
nokia
hierarchy,
you
mean
specifically
that
if
you
use
hardware
tokens
like
that,
say
that
again,
what
do
you
mean
by
by
so
we
have?
When?
Wouldn't
we
have
a
key
hierarchy.
B
What
I
just
naively
assumed
is
that
that
the
upstream
cameras
would
be
just
an
abstraction
where
I
would
say
either
it's
a
real
upstream
kms
or
it's
an
it's
a
pixel
11
device
that
has
that
api.
So
this
would
then
the
next.
So
so
I
would
change
it
on
that
level.
So
I
would
not
say
okay,
the
device
does
all
the
encryption
decryption,
but
but
I
just
thought
it
might
make
more
sense
to
make
it
on
the
level
of
of
the
upstream
kms
and
exchange
those.
C
A
Right
right,
what
I'm
thinking,
though,
is
if,
if
your
library
includes
one
two
three
and
six,
basically,
how
do
you
opt
out
of
one
two
three
and
six
in
in
in
a
way
that
the
is
at
least
somewhat
reasonably
easy,
like
I,
I
think
having
the
key
hierarchy
is
probably
the
correct
default
and
is
what
most
people
would
expect
to
happen
if
they
want
to
have
good
performance
with
cloud
kms
style
stuff.
A
But
I
also
kind
of
feel
like
like
in
a
sense-
maybe
maybe
maybe
there
this
one,
two
three
and
six
actually
itself
needs
to
be
an
interface
and
the
default
implementation
of
that
interface
with
kristoff
has
already
written.
But
then
there
is
another
implementation
of
that
interface,
which
is
basically
just
a
complete
hashtag
that
that
makes
sense.
It
doesn't
build
a
hierarchy.
It
doesn't.
B
Yeah
so
so
I
assumed
that,
because
maybe
I
didn't
read
myself
too
much
into
the
hms
how
they
work
specifically,
but
I
have
an
ubi
key
where
I
have
just
a
set
of
keys,
which
I'm
rotating,
like
you
know
once
a
year
or
something
like
that
and
and
I
just
and
how
to
describe
so,
I
assume.
Basically
it
starts
basically
one
key
and
then
it
creates
new
new
keys
and
then.
B
No,
we
can
do
it
like,
like
that.
We
could
also
abstract
it
and
then
give
the
user
a
choice,
but
then
it's
it's
when
we
abstract
away
the
key
hierarchy.
It's
the
big.
B
But
I
might
be
wrong
with
that,
because
this
is
how
I
use
my
personal
hms,
and
this
is
why
I
decided
to
go
that
way,
but
we
can
definitely
go
forward
without
a
key
hierarchy.
But
but
then
it's
it's
on
a
such
a
different
level
of
abstraction
that
most
of
the
code
doesn't
need
to
be
used
right.
So
we
would
need
to
have
complete
new
package
where
we
just
have
a
completely
new
implementation
and
that
just
uses
the
services.
A
Yeah,
the
the
only
thing
that
makes
me
nervous
about
always
having
a
key
hierarchy
is,
then
you
are
doing
crypto
in
software,
and
I
could
see
someone
saying
that,
but,
like
I
have
local
hardware
that
is
supposed
to
be
doing
the
crypto,
I
don't
want
your
software
doing
the
crypto
right.
I
want
my
hug
and
it's
and
I
want
you
to
call
it
like
you
know.
I
want
you
to
call
it
every
time
the
api
server
calls
encrypt.
I
want
you
to
call
my
kms
directly.
A
B
A
I
mean
if
we,
if
we
think
that
that
use
case
isn't
as
important,
we
don't
have
to
try
to
support
it.
I
just
I
I
I
don't-
have
numbers
to
prove
that,
like
that's
a
an
important
use
case
to
end
users
versus
the
like,
we
know
the
cloud
stuff
is
important
right
because
everyone
is
using
these
different
platforms
and
we
want
all
the
cloud
platforms
to
have
this
integration
nicely
done
so
that
way,
their
users
can
use
it
and
everybody
benefits
from
it.
Whoever's
using
it.
B
But
it's
definitely
a
cool
feature
I
mean
in
in
in
the
very
first
implementation.
I
also
started
with
with
the
implementation
of
the
pix11,
so
it
wouldn't
be
that
big
of
an
effort,
hopefully
to
to
add
another
package
that
offers
this
right.
So
I
mean
it's
a
very
bad
design
api
because
it's
very
verbose,
but
we
could
add
it
also
as
an
alternative
option
right.
A
Yeah
I
was
hoping
that
like
we
would
have
the
reference
library,
but
we
would
have
a
reference
implementation
that
was
pkcs
11,
because
that
one
is
agnostic
to
any
provider
right.
It's
it's
really
about
a
hardware
interface
that
many
many
like
you.
For
example,
our
yubikeys
implement
that
right.
So
we
could
use
our
uv
keys.
A
Yeah,
I
mean,
I
think
it
does
complicate
the
implementation,
but
it
also,
I
think,
keeps
us
honest
right.
It
keeps
us
from
over
exerting
a
very
strong
opinion
on
key
hierarchy.
Basically,.
A
B
No
definitely
not,
but
I
didn't
have
the
opportunity
to
look
into
the
other
topic
that
anish
referred
to,
that
that
I
could
take
a
look
into
it.
C
B
Oh
yeah,
exactly
it's
it's
just!
I
just
wanted
to
to
show
the
connect.
So
I
just
it's
an
issue
that
I
received.
So
there
was
a
reference
to
the
code
that
you
wrote,
so
I
just
with
the
third
fire.
I
just
want
to
to
show
how
it
could
be
used
with
a
service
so
and
if
someone
asked
it
already,
I'm
happy
to
to
take
over.
A
The
platform
when
you
say
service
kristoff,
I
think
what
you're
saying
is
this-
is
the
implementation
of
the
server
side
that
the
kubernetes
api
server
connects
to
right.
So
the
kubernetes
api
server
is
a
grp
client,
and
this
is
the
grpc
server
side
of
that,
where
you
have
the
version
api,
as
well
as
decrypt
and
encrypt
as
inside,
which
which
version
is
this?
Is
this
v2
alpha
1
api,
the
one
we.
B
C
C
A
Okay,
maybe
so
is
anyone
specifically
working
on
the
stub
side,
the
server
side
of
this,
even
if
it
is
a
stub
or
is
that
just
the
only
one
that
I
was
working
on
is
kristoff?
The
reason
I'm
asking
is
we
could
kristoff
would
look
at
this,
merge
it
and
then
he
could
rebase
his
stuff
on
top
of
this
and
regenerate
the
server
side
and
fill
it
out
with
his
reference
implementation.
A
I
think
that's
totally
just
fine,
I
don't
think
you're
stepping
on
anyone
kristoff,
because
the
if
I'm,
if
I'm
looking
at
the
items
or
like
or
assigned
to
me,
so
for
me,
it's
to
look
on
the
api
server
side
with
on
initial
fork
with
the
new
v2
alpha
api
and
try
to
fix
the
tail
semantics
of
that
and
then
similarly
damien
on
the
api
server
side
is
supposed
to
be
looking
at
the
health
semantics
so
and
then
rita
is
working
on
the
cap
stuff.
A
So
I
don't
think
you're
stepping
on
anyone
unless
a
niche
has
something
that
I
don't
know
about.
Basically,
it's
very
good.
C
No,
so
I
was
going
to
say
that
so
in
terms
of
what
I
have
like,
we
had
the
initial
poc
right
so
where
there
were
changes
in
the
api
server
and
then
for
end-to-end
validation
like
all
the
stuff
that
we
added
in
keyword
so
like
what
I'm
doing
right
now.
C
Is
I've
updated
the
api
server
stuff
with
the
new
v2
alpha,
one
that
mo
proposed
for
rotation
and
then
I'm
also
making
corresponding
changes
in
my
keyword,
branch,
which
is
still
using
whatever
I
have
for
generation
of
new
keys
and
all
that
just
so
that
we
can
validate
the
end-to-end
flow
right.
But
again
that
is
not
conflicting
with
what
kristoff
is
doing
like
it's
totally
different
and
then,
in
addition
to
that,
I'm
trying
to
wire
the
new
status
rpc
call
to
the
storage
version.
So
we
can
actually
see
that
hash.
C
A
Yes,
they
cancelled,
because
I
think
too
many
folks
were
out
so
that
there
was
it,
wasn't
a
critical
mass
to
have
the
discussions,
which
is
unfortunate
but
also
healthy.
I
think
I
think
people
were
very
tired
from
the
release
activities
and
sometimes
people
just
need
a
bridge.
E
I
started
looking
into
the
code,
but
I
haven't
yet
figured
out
how
to
like
change
it
to
match
our
new
needs,
but
I
will
do
that
later
this
week.
Okay,
cool.
A
And
so
so,
unless
you're
looking
at
the
as
you
just
mentioned,
you're
looking
at
storage
version
hash
to
see,
if
you
can
wire
that
up,
I
I
I
would
be
curious
to
know
how
bad
how
bad
the
dish
is
because
it
looked
like
there
was
some
some
bad
assumptions
in
that
code,
like
you
could
easily
locally
figure
out
the
hash,
like
kind
of
like,
instead
of
like
having
18
layers
of
wiring
coming
in
from
like
the
kms.
A
So
I
I'm
not
looking
forward
to
the
diff
and
that
I
suspect
that
might
be
one
of
the
pushbacks
we
get
for
making
a
machine.
You're
saying
like
it's
be
ugly.
C
It's
gonna
be
real
ugly,
the
way
that
through
yeah
but
yeah,
I
think
I'll
have
a
demo
by
next
week.
So
we
can
use
that.
Also,
while
we
write
the
cap
and
for
going
to
api
machine.
D
A
Okay,
does
anyone
have
anything
else
to
want
to
talk
about?
Do
we
always
quit
early?
If
we
don't
have
any
other
discussion
topics?
Certainly
people
could
use
the
time
that
they
have
allowed
for
this
meeting
to
work
on
whatever
item
that
they
were
signed,
which
is
totally
cool.
A
C
A
A
It
right
so
there's
a
status
request
and
response
now.
A
C
Not
necessarily
at
least
based
on
my
experience
with
csi,
they
don't
have
a
version
with
it,
but
I
think
kms
had
it
just
to
check
the
compatibility
right
but
yeah.
I
haven't
seen
that
with
the
other
apis.
A
Okay,
it
just
seems
weird
to
me
like
I
don't.
I
didn't,
really
understand
what
it
was
trying
to
accomplish
because,
like
isn't
the
like,
isn't
the
version
like
I
like
I
like,
isn't
the
version
like
part
of
like
what
the
original
version
request
and
response
right.
It
had
a
version
in
it
like,
wouldn't,
isn't
that
sufficient?
I
mean
you
like.
Do
you
have
to
keep
saying
every
single
sub
api
has
the
same
version.
C
Like
the
only
thing
I
can
think
of
is
at
some
point,
if
the
schema
of
the
body
that
it
returns,
if
it's
abstract
and
if
it
changes
then
basically
like
that
version
signifies
the
schema
of
that
body,
that's
being
written
so
like
if
it
was
supporting
like
v,
one
alpha,
one,
which
was
json
with
a
couple
of
fields
and
then
let
let's
say
this
v2
alpha
one
which
had
json
with
additional
fields.
It's
basically
telling
the
client
that,
like
hey
I've,
packaged
it
in
this
format.
C
So
if
you
need
to
read
it,
you
can
read
it
with
this
particular
version
like
I've
seen
that
in
some
of
the
new
the
container
signing
projects
like
they
have
different
schema
versions,
so
they
need
to
support
multiple
versions,
so
they
need
the
server
to
say
which
version
of
the
data
format
they
are
returning,
but
again
for
kms.
I
think
it
doesn't
matter
because
what
we
initialize
the
game
is
plugin
once
we
initialize
it
with
that
proto
like
we
check
that,
and
that
is
all
it's
being
sent
and
received
so
yeah.
A
A
Right
so
the
other
thing
I
just
remembered
is
I
can.
I
think
I
could
make
an
issue
for
this.
Unless
someone
tells
me
there
there's
an
issue
already,
which
is,
I
think
we
need
an
issue
for
the
new
storage
format.
We
are
proposing
right.
We
will
be
proposing
exchanging
the
data
stored
in
xcd
to
be
a
new
proto
format,
and
I
don't
think
we've
ever.
A
I
think
we've
really
tried
to
spec
it
out,
but
I
think
it's.
I
think
it
follows
directly
from
the
grpc
api,
because
we're
basically
saying
that
we're
gonna
we're
gonna
store
the
encrypted
blob
and
some
other
stuff
and
this
metadata
and
plain
text.
So
it
kind
of
follows
from
that.
So
I
think
that
part
is
sort
of
clear,
but
we
we
haven't
tried
to
actually
do
that
right.
No
one
is,
I
think
initial.
Maybe
you
had
tried
to
do
some
stuff
with
proto,
but
then
ran
into
some
issues
or
something.
A
Yeah
because
it's
easier,
it's
just
easier
to
just-
do
json
yeah
okay,
so
I
will
make
an
issue
which
is
it
would
be
so
it
would
be.
F
C
Yeah
I
closed
the
the
issue
too,
because
it
just
duplicate
us
what
crystal's
already
doing?
Okay.
A
Cool
all
right:
does
anybody
have
anything
else
or
should
we
call
it
and
we'll
do
some
kms
stuff.