Trust model. Re: Secure Element API: preliminary draft

On 2013-10-10 14:40, POTONNIEE Olivier wrote:
> A small update on Secure Element API: We started a draft and it is now available on github.

I have a couple of questions regarding the trust model between web apps and the SE.
In the draft you mention signed hosted applications as one scenario.
I could not find any specification for such apps in:

w3.org/TR/runtime/#uri-of-a-packaged-file

Did I look into the wrong document?

I don't fully understand how a web-apps can be given the right to
directly connect to an SE.  Could you elaborate a bit on this?

Cheers
Anders



> 
> http://opoto.github.io/secure-element/
> github project: https://github.com/opoto/secure-element
> 
> I hope this document will answer the questions raised in this mailing list and during the last F2F meeting. In particular it contains some background information on secure elements, the targeted uses cases, and security and privacy considerations. Some of this non-normative information might not be necessary in the final version, but it is useful at this preliminary step.
> It is a work in progress. Your comments, corrections, contributions are very welcome.
> We will present this draft, updated based on your feedback, during next SysApps F2F meeting.
> 
> Thanks
> --
> Olivier
> 
> 
> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
>

Received on Sunday, 13 October 2013 18:29:51 UTC