
Re: Nice report from NIST Workshop

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Sun, 29 Mar 2015 17:54:04 +0200
Message-ID: <5518201C.9070107@gmail.com>
To: Siva Narendra <siva@tyfone.com>
CC: public-web-security@w3.org, Rigo Wenning <rigo@w3.org>

On 2015-03-29 17:31, Siva Narendra wrote:
> Dead-end because the data used to arrive are myths and are grossly inaccurate.
> See my presentation from the workshop:
> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/slides/hardwaretokens/tyfone.pdf

Dear Siva,

The first part of your presentation which shows HTTPS CCA (Client Certificate Authentication)
works fine because it builds on what I call "Trusted Code".  Due to that it doesn't even
have to honor SOP!  The whole HTTPS CCA engine and UI is a part of the trusted platform.

Transiently downloaded web-code doesn't meet this criterion.

Therefore I have suggested a way to address this problem as well as a bunch of other equally
difficult topics.  I haven't received a single comment or question on that which either means
that the proposal is "unintelligible", completely broken, or something else.



> On Mar 29, 2015 8:26 AM, "Anders Rundgren" <anders.rundgren.net@gmail.com> wrote:
>     On 2015-03-29 17:11, Rigo Wenning wrote:
>         http://pomcor.com/2015/03/24/highlights-of-the-nist-worshop-on-piv-related-special-publications/
>         Interesting to see that they use NFC for Personal Identity Verification to
>         connect to smart cards. Meanwhile W3C has hard times finding support for the
>         work on NFC and the connection to smart cards. Will it be impossible to
>         connect the NIS work to the Web?
>     No it is actually quite doable but the method once thought (even by me...) as "the solution" turned out to be a dead-end.
>     The interest in discussing alternative routes to the same goal seems to be rather limited.
>     Anders
>            --Rigo
Received on Sunday, 29 March 2015 15:54:37 UTC
