W3C home > Mailing lists > Public > public-web-security@w3.org > March 2015

Re: Charter Proposal: "Trusted Code" for the Web

From: Hadi Nahari <hnahari@nvidia.com>
Date: Sun, 29 Mar 2015 15:34:44 +0000
To: Rigo Wenning <rigo@w3.org>, Siva Narendra <siva@tyfone.com>
CC: Anne van Kesteren <annevk@annevk.nl>, GALINDO Virginie <Virginie.Galindo@gemalto.com>, Mike West <mkwst@google.com>, "public-web-security@w3.org" <public-web-security@w3.org>, Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <4C01A845-7E0D-42AC-950D-D650D5709359@nvidia.com>


On Mar 29, 2015, at 8:25 AM, Siva Narendra <siva@tyfone.com<mailto:siva@tyfone.com>> wrote:


On Mar 29, 2015 8:21 AM, "Rigo Wenning" <rigo@w3.org<mailto:rigo@w3.org>> wrote:

On Wednesday 18 March 2015 12:58:27 GALINDO Virginie wrote:
> I don't see how you can state that this is a replacement of the smart card
> effort, without even consulting the companies supporting it.

I don't see that such an effort is "replacing" the smart card effort. I think
both will benefit from each other as it is one thing to have trusted (signed?)
code. But from my work with trusted computing, I also know that the key trust
has to come from somewhere. And here, as in the TPM, trusted hardware can play
a role. I don't know whether I want the full processing be solely on the smart
card (you could do that, I know), but a system could allow for a combination.

So, no, it does NOT replace work on smart cards, but it could complement that


This email message is for the sole use of the intended recipient(s) and may contain
confidential information.  Any unauthorized review, use, disclosure or distribution
is prohibited.  If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.
Received on Sunday, 29 March 2015 15:35:19 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 29 March 2015 15:35:19 UTC