atsign-foundation/at_protocol

APKAM - changes to spec for keys verb feature

Closed this issue · 3 comments

Is your feature request related to a problem? Please describe.

  • When private and self keys are stored in the __global namespace, we don't specify an enrollment ID. Due to the absence of the enrollment ID, retrieval and access restriction of these keys are tricky.
  • If the private key is owned by an app or is on a SIM, these scenarios have to be handled differently in the current spec.

Describe the solution you'd like

  • Any new metadata that has to be added for keys should be included in the value JSON, since adding new metadata involves changes in multiple places.
    e.g.
    key name - public:myencryptionPublicKey.__public_keys.__global@alice
    value: {value: <base64encoded_pubkey>, keyType: rsa2048}

  • Make changes to the keys:put section in the spec to include enrollmentId in the value JSON

  • Changes to the sequence diagram to generate a new AES key along with the APKAM key pair

Describe alternatives you've considered

No response

Additional context

No response

Changes merged