Description
Currently, providers use a single key pair for signing and encryption of data. When using Kiebitz within a larger organization, it might be required to delegate access to many stakeholders, who should ideally have their own key pairs. To achieve this we could add multi-key support for providers, or we could add a user role to the system that has role-based access to the provider data. User keys would be generated in the frontend and signed by the provider key.
This would make key rotation / change for the provider keys less urgent, as the keys would only be used for initial setup and user key generation and would not leave the device. Still, when revoking a given user key, appointments signed with that key would need to be re-signed.
This issue is currently for discussion only, please do not implement this yet.