W3C home > Mailing lists > Public > public-web-security@w3.org > November 2014

Re: [WebCrypto.Next] Microsoft's Contribution

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Mon, 17 Nov 2014 08:14:33 +0100
Message-ID: <5469A059.6090606@gmail.com>
To: Martin Paljak <Martin.Paljak@ria.ee>, "public-web-security@w3.org" <public-web-security@w3.org>
On 2014-11-17 07:25, Martin Paljak wrote:
> Hello,
>
>
> Huge thanks to the creators of this presentation! I feel that parts of it target exactly the same sector (signatures with existing tokens) and direction and mindset and resulting functionality that we are using within Estonia and this makes a perfect collaboration target for us. This is similar to what we currently target with "proprietary" (but open source) plugins, just need to work on harmonizing the API to get comparable real life functionality.

Hi Martin,

Although the details are quite sketchy I have tried to "decipher" the documentation. These are my findings:

It *seems* that relying party code has direct API access (which *not* the case with plugins).

That is, it appears that *users* would need to decide (per site) if a site's *client code* is to be trusted or not.
IMO, issuers like banks would probably not accept such an arrangement.

OTOH, I may have gotten it all wrong due to the limited documentation :-)

Cheers,
Anders

>
> Things like UI are still unclear from the slides but something that can be worked upon.
>
>
> Best,
> Martin
> ________________________________________
> From: GALINDO Virginie [Virginie.Galindo@gemalto.com]
> Sent: Wednesday, November 12, 2014 11:33
> To: public-web-security@w3.org; public-webcrypto@w3.org; Jeff.Hodges@PayPal.com; Anders Rundgren
> Subject: [WebCrypto.Next] Microsoft's Contribution
>
> Dear all,
> Please note that the contribution made by Israel and Vijay, related to certificate management is now available on the web crypto WG wiki, classified in the F2F meeting page, here https://www.w3.org/2012/webcrypto/wiki/images/d/dd/CertAndKey_Management_Requirements_for_WebCrypto_microsoft.pdf
> This will be discussed when the group will be re-chartering.
> Regards,
> Virginie
> ________________________________
>   This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
>
Received on Monday, 17 November 2014 07:15:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:22 UTC