"Korean bank" - Credential selection requirement

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Sat, 03 Dec 2011 09:45:49 +0100
Message-ID: <4ED9E1BD.8000804@telia.com>
To: "public-identity@w3.org" <public-identity@w3.org>

Although the following was written from an enterprise perspective, it
definitely applies to banks as well, since they are used to handing out "cards"
to their customers:
http://webpki.org/papers/web/multiple-credentials-in-the-enterprise.pdf

For those who are into the bits and bytes, the method "addExtension" in
http://webpki.org/papers/keygen2/sks-api-arch.pdf
should give you an idea of how this can be implemented.

That there is no JS to find is because JS (IMO) has no mission to fill in a sophisticated
10-pass security protocol; in this case, XML/XSD seems like a more natural choice:
http://webpki.org/papers/keygen2/keygen2schema.html

IETF/PKIX has defined another way of addressing this issue:
http://www.rfc-editor.org/rfc/rfc6170.txt
IMO, blending relying party trust issues with end-user GUI experience may look
like a shortcut, but I think it is more like a dead end :-)

Anders
Received on Saturday, 3 December 2011 08:46:36 GMT