RE: Secure Element API: Access Control

Olivier, 

I have some feedback on the draft:

- restricting access control to only the author signature seems not aligned with GlobalPlatform, which states
that all signatures shall be checked. In the context of W3C this means that distributor signatures (if any)
must also be checked.

- this extends to the certificate chain check (bottom to top), again as specified in GlobalPlatform the 
enforcer must try all certificates in the chain.

This is how things are implemented in Tizen currently. I don't believe this adds much work to the UA 
developers. 

Erwan
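To make the two points above concrete, here is an added Python model of an access control enforcer that checks every signature on a packaged application (author and distributor) and walks each certificate chain from the end-entity certificate to the root looking for a matching rule. This is example code written for this page, not code from Tizen, the GlobalPlatform specification, or the draft under discussion; the certificate, signature and rule types, the SHA-256 fingerprint used as the rule key, the sample AID, and the policy combination (every signature must verify, an explicit deny on any matched rule wins, otherwise any matched allowing rule grants access) are assumptions made to keep the example self-contained. The weaker `author_only_allowed` is included beside it to show what an author-only, end-entity-only check misses.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Certificate:
    subject: str
    der: bytes  # constructed placeholder bytes standing in for the DER encoding

    def fingerprint(self) -> str:
        # Assumption: rules are keyed by a hash of the certificate encoding.
        return hashlib.sha256(self.der).hexdigest()


@dataclass(frozen=True)
class Signature:
    role: str                      # "author" or "distributor"
    chain: Tuple[Certificate, ...]  # end-entity certificate first, root last
    verified: bool                 # outcome of the cryptographic check (stubbed here)


@dataclass(frozen=True)
class Rule:
    allowed_aids: frozenset  # applet AIDs (hex strings); "*" means any applet
    deny: bool = False       # an explicit deny rule blocks access outright


RuleDB = Dict[str, Rule]  # certificate fingerprint -> rule


def find_rule(chain: Tuple[Certificate, ...], rules: RuleDB) -> Optional[Tuple[Certificate, Rule]]:
    """Walk the chain bottom to top and return the first certificate that carries a rule."""
    for cert in chain:
        rule = rules.get(cert.fingerprint())
        if rule is not None:
            return cert, rule
    return None


def _rule_allows(rule: Rule, aid: str) -> bool:
    return not rule.deny and (aid in rule.allowed_aids or "*" in rule.allowed_aids)


def author_only_allowed(signatures, rules: RuleDB, aid: str) -> bool:
    """Weak check: looks only at the author signature and only at its end-entity certificate."""
    for sig in signatures:
        if sig.role == "author":
            if not sig.verified:
                return False
            rule = rules.get(sig.chain[0].fingerprint())
            return rule is not None and _rule_allows(rule, aid)
    return False


def access_allowed(signatures, rules: RuleDB, aid: str) -> bool:
    """Full check: every signature must verify, and every chain is searched for a rule."""
    if not signatures:
        return False
    if not all(sig.verified for sig in signatures):
        return False  # one bad signature (author or distributor) rejects the package
    matched = []
    for sig in signatures:
        found = find_rule(sig.chain, rules)
        if found is not None:
            matched.append(found[1])
    if not matched:
        return False  # default deny: no rule for any certificate in any chain
    if any(rule.deny for rule in matched):
        return False
    return any(_rule_allows(rule, aid) for rule in matched)


# Constructed sample certificates, chains and rules (not real credentials).
APP_CERT = Certificate("CN=Example App", b"constructed-der-app")
AUTHOR_CA = Certificate("CN=Example Author CA", b"constructed-der-author-ca")
DIST_CERT = Certificate("CN=Example Store Signer", b"constructed-der-dist")
DIST_CA = Certificate("CN=Example Store Root CA", b"constructed-der-dist-ca")
SAMPLE_AID = "A0000000010203"  # constructed sample applet AID


def scenario_distributor_grants() -> Tuple[bool, bool]:
    """Rule lives on the distributor's root CA: only the full chain walk finds it."""
    rules = {DIST_CA.fingerprint(): Rule(frozenset({SAMPLE_AID}))}
    sigs = (Signature("author", (APP_CERT, AUTHOR_CA), True),
            Signature("distributor", (DIST_CERT, DIST_CA), True))
    return author_only_allowed(sigs, rules, SAMPLE_AID), access_allowed(sigs, rules, SAMPLE_AID)


def scenario_bad_distributor_signature() -> Tuple[bool, bool]:
    """Author rule is fine, but the distributor signature fails: only the full check rejects."""
    rules = {APP_CERT.fingerprint(): Rule(frozenset({SAMPLE_AID}))}
    sigs = (Signature("author", (APP_CERT, AUTHOR_CA), True),
            Signature("distributor", (DIST_CERT, DIST_CA), False))
    return author_only_allowed(sigs, rules, SAMPLE_AID), access_allowed(sigs, rules, SAMPLE_AID)


if __name__ == "__main__":
    print("distributor grants   (author-only, full):", scenario_distributor_grants())
    print("bad distributor sig  (author-only, full):", scenario_bad_distributor_signature())
```

The first scenario returns `(False, True)`: the author-only check never reaches the distributor's root CA where the rule is stored, so it denies an application the policy intends to allow. The second returns `(True, False)`: the author-only check ignores the distributor signature entirely and grants access to a package whose distributor signature did not verify.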

-----Original Message-----
From: POTONNIEE Olivier [mailto:Olivier.POTONNIEE@gemalto.com]
Sent: Thursday 23 January 2014 09:31
To: public-sysapps@w3.org
Subject: Secure Element API: Access Control

Following the questions raised during last SysApps WG F2F meeting regarding how to restrict the access to the Secure Element API, we prepared a document explaining the solution we propose:
      https://github.com/opoto/secure-element/blob/gh-pages/AccessControl.md
This document is not formatted as a "specification", it is closer to a white paper intended to outline the solution, and explain the why and the how. Please comment so that we can finalize the solution, and integrate it in the Secure Element API draft.

In particular we would appreciate your feedback on the dependency this proposal has on so-called "packaged applications": this packaging is not specified in W3C, will it ever be? This may impact the lookup process for the application signature file proposed in our document.

For now, we propose to reuse the widget signature format. Will this format be maintained in the future, or are there plans to define a JSON format, as it was done for the manifest?

Best Regards,
--
Olivier


Received on Thursday, 10 April 2014 08:53:58 UTC