W3C home > Mailing lists > Public > public-identity@w3.org > October 2011

Report: Installing a CA in a bank

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Mon, 03 Oct 2011 13:51:49 +0200
Message-ID: <4E89A1D5.2030800@telia.com>
To: "public-identity@w3.org" <public-identity@w3.org>
A few weeks ago I had the pleasure installing our CA product at a major national bank.

However, the bank wanted to be able to issue smart cards from any of the hundreds of offices.

Then I had to bring them the naked truth: Issuing smart cards using a web browser requires you to go to one of a gazillion "solution providers" that can supply with their own specific "browser plugin"
and associated web portal.  Don't forget to verify that the cards you intend to use actually are compatible with the proprietary solution provider's software.

This of course spurred me continuing on a path not even the "big three" have dared to go!

The solution to the problem is (IMO) not making browsers compatible with arbitrary cards because that would take forever (and then it is from a customer's point of view better buying proprietary
software from a vendor who lives on such products), but creating a "web token" that is designed for browser operation from the beginning.

Anders
Received on Monday, 3 October 2011 11:52:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 3 October 2011 11:52:26 GMT