W3C home > Mailing lists > Public > public-identity@w3.org > July 2011

Re: White paper of proposed architecture for NSTIC

From: Francisco Corella <fcorella@pomcor.com>
Date: Wed, 20 Jul 2011 12:24:44 -0700 (PDT)
Message-ID: <1311189884.71793.YahooMailNeo@web125503.mail.ne1.yahoo.com>
To: Anders Rundgren <anders.rundgren@telia.com>
Cc: "public-identity@w3.org" <public-identity@w3.org>, "Karen P. Lewison" <kplewison@pomcor.com>
Hi Anders,

> The problem with this and similar efforts is that you need a
> *platform*.
> 
> The only party that actually has a platform worth mentioning
> is Apple with their iPhone.
> 
> Popular, can host credentials, can be on-line provisioned,
> great connectivity.

Why do you need a platform?  Why can't the browser manage
your credentials (whether or not they are stored in a smart
card).

> Unfortunately I don't think the NSTIC people are prepared
> shelling out any money except on projects using their "own"
> platform, i.e. PIV.  This platform is severely constrained
> and does neither support multiple credentials nor on-line
> provisioning.
> 
> PIV doesn't fit your bank-case.
> 
> That people outside the Feds doesn't have card readers is
> also an indication how "off" this thing would be as a
> foundation for a vibrant identity ecosystem.

NSTIC is not about PIV.  I believe many people involved with
NSTIC think PKI certificates, such as those stored in PIV
smart cards, are a thing of the past, to be replaced with
"privacy-enhanced" credentials such as Idemix anonymous
credentials or U-Prove tokens.  I myself think PKI
certificates have an important role to play going forward,
coexisting with privacy-enhanced credentials.

NSTIC is still pretty much a blank slate.  The first
workshop on technology has not taken place yet.  I'm told it
will take place in the Bay Area during the week of September
19.  I encourage you to attend and contribute your ideas.

> Platform = HW + SW.

Francisco
Received on Wednesday, 20 July 2011 19:25:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 20 July 2011 19:25:11 GMT