W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > November 2012

GlobalPlatform's scheme for key/applet access control

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Mon, 26 Nov 2012 16:34:27 +0100
Message-ID: <50B38C03.2090401@telia.com>
To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
If you look at the section "How does it work" in:

    http://code.google.com/p/seek-for-android/wiki/AccessControlIntroduction

it seems that the core idea that it is the resource itself that declares which applications that are allowed to access it.  The applications are recognized by their digital signature.

That is, this is a possible scheme for pre-provisioned keys which is independent of web origins.

It is possible that it is difficult translating this scheme to web but it might be worth investigating this anyway since the scheme will likely be a part of future devices.

The net result would be a unified API for performing cryptographic operations on keys but with two distinct methods for key discovery.

Anders
Received on Monday, 26 November 2012 15:35:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 26 November 2012 15:35:09 GMT