W3C home > Mailing lists > Public > public-web-security@w3.org > February 2015

Re: [W3C Web Crypto WG] Rechartering discussion - Gemalto contribution

From: Siva Narendra <siva@tyfone.com>
Date: Mon, 2 Feb 2015 13:00:18 -0800
Message-ID: <CAJhTYQx5dFd9j0r7xoZmRCnuLB5DGoJ-YVvYrQrcnJvYDeiToA@mail.gmail.com>
To: Ryan Sleevi <sleevi@google.com>
Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Brad Hill <hillbrad@fb.com>, GALINDO Virginie <Virginie.Galindo@gemalto.com>, Lu HongQian Karen <karen.lu@gemalto.com>, Wendy Seltzer <wseltzer@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>, Harry Halpin <hhalpin@w3.org>, "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>, POTONNIEE Olivier <Olivier.Potonniee@gemalto.com>, "PHoyer@hidglobal.com" <PHoyer@hidglobal.com>
Hi Ryan  --- IPR related to GP is dangerous compared to what? FIDO is not
immune to IPR -- is it?

At least in the case of GP it is mature to enough to know who owns what.
According to this document attached (and available online here
<http://fidoalliance.org/assets/downloads/FIDO_IPR_-_Counsel_Approved.pdf>)
it is clear that FIDO is concerned about IPR just as much as any other
standards would be.

Irrespective, it is precisely this unknown that would make it more
dangerous to limit the web to one protocol with unproven IPR that might
ultimately stifle innovation.

-Siva



*--*


*Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore |
Taipeiwww.tyfone.com <http://www.tyfone.com>*
*Voice: +1.661.412.2233*


On Mon, Feb 2, 2015 at 12:36 PM, Ryan Sleevi <sleevi@google.com> wrote:

>
>
> On Mon, Feb 2, 2015 at 12:28 PM, Siva Narendra <siva@tyfone.com> wrote:
>
>> Hi Anders. While traditional EMV on GP Smart Card does not easily allow
>> for it, that is exactly what EMV Tokenization enables. Apple Pay implements
>> EMV Tokenization on a GP Smart Card chip. Google Wallet can leverage EMV
>> Tokenization independent of Apple for the same credit card number. And so
>> can other independent GP hardware. Similar to Tokenization for EMV, atleast
>> in the US even the government standards for CAC/PIV recently released what
>> is called as Derived Credential. This space is rapidly evolving and we
>> shouldn't get tied up with one approach such as FIDO assuming rest of the
>> world will adopt it.
>>
>> Best,
>> Siva
>>
>>
>>
>> *--*
>>
>>
>> *Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore |
>> Taipeiwww.tyfone.com <http://www.tyfone.com>*
>> *Voice: +1.661.412.2233 <%2B1.661.412.2233>*
>>
>>
> Given the IPR situation with Global Platform, I think it's disingenuous to
> dangerous to suggest it's a viable path for web standardization.
>
> While this is ultimately speculative, since it depends precisely on if and
> what the WG decides to pursue, I think it bears mentioning
> http://www.globalplatform.org/specificationsipdisclaimers.asp
>


Received on Monday, 2 February 2015 21:01:06 UTC

This archive was generated by hypermail 2.3.1 : Monday, 2 February 2015 21:01:07 UTC