W3C home > Mailing lists > Public > public-identity@w3.org > February 2012

Web Cryptography Working Group Charter

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Thu, 09 Feb 2012 22:07:02 +0100
Message-ID: <4F343576.5030807@telia.com>
To: "public-identity@w3.org" <public-identity@w3.org>
http://www.w3.org/2011/11/webcryptography-charter.html

 "The ability to select credentials and sign statements can
  be necessary to perform high-value transactions such as those
  involved in finance, corporate security, and identity-related
  claims about personal data"

 "The provisioning and use of keys within Web applications can
  be used for scenarios like increasing the security of user
  authentication and determining whether a particular device is
  authenticated for particular services"

If you combine these high-level requirements you essentially get
a "webbified" Google wallet (and more).  However, the Google
wallet is not an API, it is a system and architecture.

For financial transactions and key provisioning the DOMCrypt stuff
that Mozilla showcased last summer, IMO doesn't even come close
to the already shipping Google product so we are apparently (?)
talking about something entirely different.

 "Out of scope: features include special handling directly for
  non-opaque key identification schemes, access control mechanisms
  beyond the enforcement of the same-origin policy, and functions
  in the API that require smartcard or other device-specific behavior"

The Google wallet builds on smart card technology.

Anders
Received on Thursday, 9 February 2012 21:07:36 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 9 February 2012 21:07:36 GMT