Digital signatures in the browser from NAZARE GONCALVES Bruno Goncalo on 2018-03-07 (public-web-security@w3.org from March 2018)

From: NAZARE GONCALVES Bruno Goncalo <brunogoncalo.nazare@ext.europarl.europa.eu>
Date: Wed, 7 Mar 2018 16:05:28 +0000
To: "'public-web-security@w3.org'" <public-web-security@w3.org>
Message-ID: <fa396f6f918f4b2abcb36406f15adad1@ext.europarl.europa.eu>

Dear Web Security IG,

I'm currently working for the European Parliament, looking for upcoming solutions to the problem of creating digital signatures with a smartcard directly from a web page, without resorting to additional software.

Thus, I would like to ask if there are any efforts currently underway to support this use case or if any will be undertaken in the foreseeable future.

I'm aware of the following initiatives that could be somewhat related:
- WebCrypto Key Discovery (https://www.w3.org/TR/webcrypto-key-discovery/)
- Web API For Accessing Secure Element (http://globalplatform.github.io/WebApis-for-SE/doc/)
- Hardware Based Secure Services features (https://rawgit.com/w3c/websec/gh-pages/hbss.html)

Have these been considered already? If so, what's the current sentiment surrounding them? If not, are there any plans to analyse these or similar solutions in the foreseeable future?

Best Regards,
Bruno GONÇALVES
Functional Analyst External Provider
European Parliament
Directorate-General for Innovation and Technological Support
Directorate for Development and Support
Evolution and Maintenance Unit
brunogoncalo.nazare@ext.europarl.europa.eu
www.europarl.europa.eu

Ce message contient des informations confidentielles à l'intention exclusive du destinataire. Il ne peut être utilisé, divulgué ou copié de quelconque façon que ce soit par une personne autre que le destinataire désigné. Si vous n'êtes pas le destinataire désigné, merci de contacter l'expéditeur et d'effacer ce message. L'expéditeur de ce message n'est pas mandaté à représenter le Parlement européen. Dès lors, ce message ne constitue pas nécessairement le point de vue officiel du Parlement européen, ni un engagement juridique opposable à ce dernier.
This message contains confidential information intended solely for the attention of the named addressee. It may not be used, disclosed or copied in any way whatsoever by anyone else than the intended addressee. If you are not the intended addressee, please contact the sender and delete this message. The sender of this message is not authorized to represent the European Parliament and therefore this message does not necessarily reflect the official position of the European Parliament and is not legally binding upon it.

Received on Wednesday, 7 March 2018 23:26:34 UTC