RE: Draft report: W3C WebCrypto v.Next report from Colin Gallagher on 2014-10-17 (public-web-security@w3.org from October 2014)

From: Colin Gallagher <colingallagher.rpcv@gmail.com>
Date: Fri, 17 Oct 2014 12:08:30 -0700
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: GALINDO Virginie <virginie.galindo@gemalto.com>, public-web-security@w3.org, Wendy Seltzer <wseltzer@w3.org>, Harry Halpin <hhalpin@w3.org>, "john.mattsson@ericsson.com" <john.mattsson@ericsson.com>, Israel Hilerio <israelh@microsoft.com>
Message-ID: <CABghAMiMiMXGPYh3vVoEuuugLTny6yz0wafh7MSqW7=XpS+EKw@mail.gmail.com>

I agree with Mike re. Inclusion in wiki / notes of the keys (platform held
/ device held), accessible in variety of ways
-cg
On Oct 17, 2014 12:03 PM, "Mike Jones" <Michael.Jones@microsoft.com> wrote:

>  A key point missing from the minutes is that platform-held secure keys
> were discussed as much as device-held keys.  These can be held in either in
> TPMs, TEEs, or other secure elements.  At a minimum, in the next steps, I
> would change “Hardware tokens in scope” to “Platform-held keys and hardware
> tokens in scope”.
>
>
>
> I would also suggest describing the poll that I held that resulted in
> people unanimously agreeing that adding the ability to use
> platform-accessible secure keys (both platform-held and device-held keys)
> from the browser is a critical next step.
>
>
>
>                                                                 -- Mike
>
>
>
> *From:* Colin Gallagher [mailto:colingallagher.rpcv@gmail.com]
> *Sent:* Friday, October 17, 2014 11:50 AM
> *To:* GALINDO Virginie
> *Cc:* Wendy Seltzer; public-web-security@w3.org; Harry Halpin;
> john.mattsson@ericsson.com; Israel Hilerio; Mike Jones
> *Subject:* RE: Draft report: W3C WebCrypto v.Next report
>
>
>
> The wiki / content looks great! Thank you!
>
> On Oct 17, 2014 8:29 AM, "GALINDO Virginie" <Virginie.Galindo@gemalto.com>
> wrote:
>
> Harry,
>
> Sorry if I missed something, but the draft report is not on
> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/.
> So I recommend people to read directly the wiki version you created here :
> https://www.w3.org/Security/wiki/Cryptoreport#DRAFT_Final_Report
>
> Virginie
>
>
> -----Original Message-----
> From: Harry Halpin [mailto:hhalpin@w3.org]
> Sent: mercredi 15 octobre 2014 23:50
> To: public-web-security@w3.org; israel Hilerio; john.mattsson@ericsson.com;
> Mike Jones; GALINDO Virginie; Wendy Seltzer
> Subject: Draft report: W3C WebCrypto v.Next report
>
> Here's a DRAFT final report:
>
> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/
>
> I'm missing slides from (possibly in inbox, but perhaps deleted them, just
> resend):
>
> 1) John Mattsson
> 2) Mike  Jones
> 3) Israel Hilerio
>
> Just email them to me and I'll update.
>
> I've also put a version in the wiki for easy editing/corrections. Email me
> if there's anything substantial that must be rewritten:
>
> https://www.w3.org/Security/wiki/Cryptoreport
>
> I'll be taking comments until next Monday, so we can publish the report on
> W3C's website before TPAC and have an official announcement.
>
>   thanks,
>     harry
>
>
>
>
>
> ________________________________
>  This message and any attachments are intended solely for the addressees
> and may contain confidential information. Any unauthorized use or
> disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for
> the message if altered, changed or falsified. If you are not the intended
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission
> free from viruses, the sender will not be liable for damages caused by a
> transmitted virus.
>

Received on Friday, 17 October 2014 19:09:47 UTC