- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Fri, 10 Aug 2012 09:29:26 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
I have seen references in the discussions to things like "more secure" key-storage like smart cards etc. This is something 99% of all web users have no idea about. Issuers surely do, but that's another thing which WebCrypto (in its current incarnation) doesn't address at all. If you do specific features for "security experts" I wouldn't be surprised if it will in the end only create problems for those who really need secure solutions, which IMO are those who don't care about security :-) In addition, I'm pretty sure that by the time WebCrypto is ready, all major platforms will have built-in security hardware so there is no distinction anymore. Related: Although I *may* qualify as a "security expert", I'm not able to tell if for example this scheme is secure or not: http://googlecommerce.blogspot.co.uk/2012/08/use-any-credit-or-debit-card-with.html Anders
Received on Friday, 10 August 2012 07:29:58 UTC