W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > October 2012

Re: crypto-ISSUE-15: Discovering certificates associated with (private) keys

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Mon, 15 Oct 2012 18:28:06 +0200
Message-ID: <507C3996.7080706@telia.com>
To: David Dahl <ddahl@mozilla.com>
CC: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>, Mountie Lee <mountie.lee@gmail.com>
On 2012-10-15 17:57, David Dahl wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 10/13/2012 12:08 AM, Anders Rundgren wrote:
> >http://lists.w3.org/Archives/Public/public-webcrypto/2012Oct/0066.html
> >
> > Because this what the plugin folks all over the world actually do, I concur with Mountie: "The time is NOW".
> >
> > There is (as you should know by now) also a proposal for this. It's incompatible with most vendors' cryptographic platforms but that may be the price to pay when you want (?) to challenge proprietary one-purpose solutions with standards. Nobody said it was easy either :-)
> >
> > David, since you initiated the "web crypto craze", what's your take on this?
> Anders:
>
> Are you referring to your proposal?

Yes, is there any other concrete proposal?

> Is Mountie familiar with it?

I haven't received feedback from any WG member.  I believe Mountie rather expects the WG to address this issue NOW (=ASAP).

>
> As far as supporting certs in the spec, with the low-level API it seems natural to do so, however, this is definitely not a primary issue to resolve in the near term.

A primary issue is resolving how you discover and access keys stored in existing (often platform-wide) key-stores.
Without such a solution, the rest is probably of moderate interest to people involved in large-scale deployments of OOB-proviosioned keys.

Mountie mentioned some 25M people in Korea, and in Sweden half of the population is equipped with certificates for on-line access.

Cheers,
Anders

>
> Cheers,
>
> David
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
>
> iQEcBAEBAgAGBQJQfDJdAAoJEJfYh8Nd7p0f0roH/09CJ+wojUl+U1opzcRJUlCV
> bRIbpG0TlxADmk16WlcXZqdWAXzE90IXcGqd4rv3dK+KZ5sOWSnaQziyNnjqXFGw
> KqpiD6u7Jl23HQ+IaePzgELPxbbDRqzFSLVaqaVN341nOGI6vKz4dJGWGk0H1g07
> IOsBaAiDN3fZNzndt5bkuZYc7tZ0IGmgcMQMCkpIPwK0lN5FM0ELGwih1LRMvb7Q
> FsPMs7fWaB2+bSQ5QgNMbJyaP1tdSBANAog/KxYN0Qrjq7nYZ2JcsVhWs1p3q6nz
> d4/IKf2JHsNjvfaMcgdVE+35uAhQEkjirYPZ73Mij/VaIe3OG1EfzVieaWc3UX8=
> =fxM6
> -----END PGP SIGNATURE-----
>
Received on Monday, 15 October 2012 16:28:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 15 October 2012 16:28:49 GMT