WebAuth - Replacement for HTTPS Client Certificate Authentication from Anders Rundgren on 2013-10-23 (public-web-security@w3.org from October 2013)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Wed, 23 Oct 2013 16:55:21 +0200
To: "public-web-security@w3.org" <public-web-security@w3.org>
Message-ID: <5267E359.5090005@telia.com>

Maybe of interest:

http://webpki.org/papers/PKI/webauth.pdf

Comments are welcome!

There are actually 3 independent standards targets in this proposal:

1. Browser bindings for JSON protocol invocations

2. JSON Clear-text Signature:
https://openkeystore.googlecode.com/svn/resources/trunk/docs/JSON-Clear-Text-Signature-Scheme.pdf

3. And then WebAuth itself

Cheers
Anders

Received on Wednesday, 23 October 2013 14:55:57 UTC