- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Mon, 23 Feb 2015 11:14:27 +0000
- To: public-nfc@w3.org
Re @sicking > "So we should come up with an NFC format which explicitly is different enough from any tags that are in existence today, that it's very unlikely that any existing tags can be mistaken for WebNFC tags." and @jyasskin > "Separately, I think that the id NDEF record is probably too limited to identify WebNFC devices. We probably want the device to be able to express a set of origins that are allowed to access it, rather than just a single origin, and IIUC the id record can't hold enough data to do that in general." We cannot come up with NFC formats, we need to use the already standardized formats for now, but with web-specific content. The ```id``` field of NDEF records can be used, and also we can use one or more special NDEF records in an NDEF message designed to carry web-specific [security] information, which makes the NDEF message web-specific, the cost being less available space for payload data in the tag. But this would allow reprogramming existing tags with web-specific content, and without the need to modify HW and middleware level NFC stacks. All this could be encapsulated in the API implementations, together with the actual security policies. We need to study if and what mandatory security policies we need to build into the spec, and what policies can be chosen by the UA (assuming the mechanisms needed for these policies are supported and compatible with the spec). -- GitHub Notif of comment by zolkis See https://github.com/w3c/nfc/issues/76#issuecomment-75524767
Received on Monday, 23 February 2015 11:15:32 UTC