- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Mon, 06 Aug 2012 12:25:13 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
I believe the [correct] conclusions made by Ryan in http://lists.w3.org/Archives/Public/public-webcrypto/2012Aug/0020.html verifies my claim that WebCrypto doesn't address on-line bank-applications since the fairly few that depend on client-side Public Key technology, currently do this through pre-provisioned or on-line provisioned X.509 certificates. This restriction is also valid for a pretty large number of other applications including e-government solutions. IMHO, it would be silly adding client-certificate support to WebCrypto without adding on-line provisioning as well. However, that would also raise the techno-political bar to a new height, potentially blocking the entire mission. I.e. the right action ought to be that client-certificates are moved to a specific WG. Related: http://datatracker.ietf.org/doc/draft-ietf-pkix-est <http://datatracker.ietf.org/doc/draft-ietf-pkix-est/> Thanx, Anders
Received on Monday, 6 August 2012 10:25:43 UTC