W3C home > Mailing lists > Public > public-web-security@w3.org > March 2015

Re: Restarting the "Smart Cards for the Web" Discussions

From: Siva Narendra <siva@tyfone.com>
Date: Fri, 20 Mar 2015 09:58:10 -0700
Message-ID: <CAJhTYQzwJr6K9MCH7rtTfqoFJHua1A5scVjAZ7JGH=Op4hsatg@mail.gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: "public-web-security@w3.org" <public-web-security@w3.org>
I think this discussion needs to be led by the browser developers and them
come to a conclusion on what they want to do. In my opinion, rest of the
community talking about it will continue to be futile.

-Siva


*--*


*Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore |
Taipeiwww.tyfone.com <http://www.tyfone.com>*
*Voice: +1.661.412.2233*


On Thu, Mar 19, 2015 at 11:35 PM, Anders Rundgren <
anders.rundgren.net@gmail.com> wrote:

> Since these discussions seem to end-up in veritable "flame-wars", without
> any technical substance whatsoever, I suggest that we try (to the best of
> our ability...), to take one issue at a time and see where that leads us.
> I'm counting on Virginie collecting and monitoring the issues.
>
> May I start with one issue?
>
> "Dealing with different security hardware"
>
> There are many types of Security HW and systems.  Their interfaces are
> ranging from low-level ISO 7816 APDUs to high-level TEE schemes[1,2] where
> the input may be a transaction request and the output a transaction
> response while device I/O is taken over by the TEE.
>
> Question: How is this variation supposed to be dealt with?
>
> Cheers,
> Anders
>
> 1] http://www.globalplatform.org/specificationsdevice.asp
> 2] http://ipt.intel.com/Libraries/Documents/Technology_Overview_-_Intel%
> C2%AE_Identity_Protection_Technology_with_PKI.pdf
>
>
Received on Friday, 20 March 2015 16:58:57 UTC

This archive was generated by hypermail 2.3.1 : Friday, 20 March 2015 16:58:58 UTC