RE: Secure elements and PC/SC Workgroup Specifications from POTONNIEE Olivier on 2013-09-26 (public-sysapps@w3.org from September 2013)

From: POTONNIEE Olivier <Olivier.POTONNIEE@gemalto.com>
Date: Fri, 27 Sep 2013 00:17:21 +0200
To: Anders Rundgren <anders.rundgren.net@gmail.com>, Marcos Caceres <mcaceres@mozilla.com>
CC: sysapps <public-sysapps@w3.org>
Message-ID: <267D4E63A0D73044BFBB4199DA94D8050372E94EF62E@CROEXCFWP04.gemalto.com>

Hi Marcos,

As Anders mentioned PC/SC is the de facto standard on desktop environments to access secure element, as it is present on Windows, Linux and MacOS.
On Mobile, there is no such universal standard. Each platform developed its own native API:
- Android:
  https://code.google.com/p/seek-for-android/

- Windows Phone:
  http://msdn.microsoft.com/en-US/library/windowsphone/develop/microsoft.phone.secureelement(v=vs.105).aspx
- BlackBerry:
  http://developer.blackberry.com/native/documentation/core/com.qnx.doc.nfc/topic/manual/t_nfcdevguide_connect_app_on_SIM_SE.html

(not exhaustive list)

Of course the W3C secure element API should not be a copy of the PC/SC specifications, which have a wider scope of features than needed by web applications, and is very low level. What we are willing to expose in the SE API is only a subset of PC/SC part 5, through a slightly higher level API.

--
Olivier

> -----Original Message-----
> From: Anders Rundgren [mailto:anders.rundgren.net@gmail.com]
> Sent: Thursday, September 26, 2013 10:25 PM
> To: Marcos Caceres
> Cc: sysapps
> Subject: Re: Secure elements and PC/SC Workgroup Specifications
>
> On 2013-09-26 22:10, Marcos Caceres wrote:
> > Hi Folks who know about secure elements,
> >
> > What's the deal with the "PC/SC Workgroup Specifications" (link
> below)? Are they similar to what we've been talking about for secure
> elements?
> >
> > http://www.pcscworkgroup.com/specifications/specdownload.php

>
> Hi Marcos,
>
> If we are talking about the Gemalto's take on SE, I would say that
> PC/SC probably is the low-level interface the SE API would hook into.
> This interface is used in PCs (Windows, Linux, etc) for talking to
> smart cards.
>
> If we OTOH talk about embedded SE's like featured in Android 4.3 or
> your truly's SKS/KeyGen2, PC/SC is not a part of the plot.
>
> Microsoft's SE-solution shipping in Windows RT is probably not based on
> PC/SC since there already is another API in place (TPM or TSS).
>
> Cheers
> Anders
>
>
> >
> > Kind regards,
> > Marcos - the secure elements noob.
> >
> >
>

This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus

Received on Thursday, 26 September 2013 22:17:52 UTC