W3C home > Mailing lists > Public > public-web-security@w3.org > February 2015

Re: W3C Next Steps [was Re: [W3C Web Crypto WG] Rechartering discussion - Gemalto contribution]

From: Harry Halpin <hhalpin@w3.org>
Date: Fri, 06 Feb 2015 02:03:35 +0100
Message-ID: <54D412E7.2020909@w3.org>
To: GALINDO Virginie <Virginie.Galindo@gemalto.com>
CC: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>


On 02/05/2015 09:19 PM, GALINDO Virginie wrote:
> (gemalto hat on)
> Harry,
> we will use the W3C Member Submission that if this helps progressing.
> note that you should also take into account the support of other parties in that discussion.
> 
> (still gemalto hat on)
> All,
> that would be great that *W3C members* (or any company seriously envisaging a W3C membership option) clarifies their support, if not already done, to the principle of that proposal to help W3C office to weight the actual interest of that topic.
> [Anders, we all know your opinion, you dont need to comment, I guess :)]

The best way to clarify support is to sign the Member Submission. That
makes sure the IPR situation is harmonious with W3C's IPR situation.

Note that is *not* limited to W3C member companies. If there are
non-member company that supports a proposal, they can sign also.
> 
> Regards,
> Virginie Galindo
> gemalto
> twitter : @poulpita
> 
> 
> 
> ________________________________________
> De : Harry Halpin [hhalpin@w3.org]
> Envoyé : mardi 3 février 2015 23:22
> À : GALINDO Virginie
> Cc : public-webcrypto-comments@w3.org; public-web-security@w3.org
> Objet : W3C Next Steps [was Re: [W3C Web Crypto WG] Rechartering discussion - Gemalto  contribution]
> 
> Virginie and Karen,
> 
>   Thanks for the concrete suggestion for what to do next. In fact - it's
> the only new concrete proposal from a major vendor on the table for the
> W3C since the workshop that we've had yet, with the possible exception
> of the Microsoft+ETRI proposal at the WebCrypto F2F that hasn't been
> formally discussed.
> 
> However, the proposal is still fundamentally slides, which is probably
> the right format for this level of maturity. Once you have addressed the
> concerns to the best of your ability, what would be useful would be a
> draft spec or set of draft specs, even if very drafty. Github could be
> useful as well for tracking concerns and comments.
> 
> The W3C Member Submission is a possibility here if there is any concern
> about IPR in the proposed specs (which unfortunately did come up), and
> we encourage both Gemalto and others such as the FIDO Alliance to use
> this process:
> 
> http://www.w3.org/2004/02/Process-20040205/submission.html
> 
> Myself and Wendy are happy to help with the necessary formatting and
> legal work.
> 
> Once we have a Member Submission we will do an internal review and try
> to set-up a teleconference with relevant parts of the W3C staff. We also
> of course are happy to extend this process to any alternate proposals
> and would be delighted to have multiple member submissions, even if
> incompatible. The W3C is committed to a fair process that includes all
> members, although in general my preference to see some rough consensus
> and at least one solid draft (i.e. Member Submission, product of a CG,
> etc.) before committing to chartering a new Working Group. While this
> may not have consensus, we've at least re-started the conversation in
> earnest :)
> 
> While there was lots of disagreement on the technical details, I think
> we all agree on the use-cases that some kind of hardware-backed
> cryptographic material would enable need to be part of the Open Web
> Platform.
> 
>    cheers,
>       harry
> 
> 
> 
> On 02/03/2015 05:36 PM, GALINDO Virginie wrote:
>> Hi all,
>>
>> reading the 70 e-mails in this thread and will come back to you with a proposal to formalize requests,  use cases, expression of concerns.
>>
>> Virginie
>> (speaking as chair)
>>
>> ---- Rigo Wenning a écrit ----
>>
>>> Anders,
>>>
>>> On Tuesday 03 February 2015 12:42:07 Anders Rundgren wrote:
>>>> Although I agree with what you are saying there's a problem:
>>>>
>>>> None of the stuff you are referring to has ever been directly connected
>>>> to the [UNTRUSTED] web, they are always used with a trusted App + GU.
>>>
>>> if everybody had already thought about it, my contribution would be noise. My
>>> apologies if this is the case. This is a chartering discussion. If thinking
>>> about the eGov use case is overkill, we should state that openly and move on.
>>> I just want this to be a conscious decision. This enables W3C to respond if
>>> asked by the various governments.
>>>
>>> --Rigo
>> ________________________________
>>  This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
>>
>> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
>>
> ________________________________
>  This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
> 
> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
> 
Received on Friday, 6 February 2015 01:03:46 UTC

This archive was generated by hypermail 2.3.1 : Friday, 6 February 2015 01:03:46 UTC