W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: Web Cryptography Working Group scoping progressing...

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Thu, 03 Nov 2011 10:12:21 +0100
Message-ID: <4EB25AF5.70200@telia.com>
To: Harry Halpin <hhalpin@w3.org>
CC: public-identity@w3.org
On 2011-11-03 03:37, Harry Halpin wrote:
> Everyone,
> 
> While the use-cases need to be more compelling and I'm pretty sure the
> browser-specific language is still present, the scoping is getting closer
> we think:
> 
> http://www.w3.org/wiki/IdentityCharter
> 
> This was created after the meeting at TPAC on the "break-out" session.
> 
>    cheers,
>         harry
> 
> 
> 

  "Use cases include securing high-value transactions,
   signing and verifying content"

  "out of scope: .., access control beyond enforcement
   of the same-origin policy"

These lines do not match what is going on elsewhere.

A few examples that comes to my mind:

1. Access control by the use of provider-supplied PINs is pretty
   much standard for "high-value transactions" since ages ago.

2. Other key access control schemes include restricting key-usage
   based on "app".  Its already a part of Google's wallet.

If the idea is going for the needs of the corporate, banking and
financial markets, I think we/you are going to face major hurdles
and excessive time-lines.

Regards,
Anders
Received on Thursday, 3 November 2011 09:20:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 3 November 2011 09:20:15 GMT