W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > October 2012

The "Netflix" vs. the "Korean" use-cases

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Fri, 26 Oct 2012 13:51:39 +0200
Message-ID: <508A794B.4060908@telia.com>
To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Netflix (if I got it right...) currently relies on pre-provisioned keys.  To make these keys usable with the WebCrypto API, Nextflix could pre-provision keys using a [presumably system-dependent] method that makes keys appear (to the WebCrypto API) as they actually were provisioned on-line, using the WebCrypto API.

I.e. Netflix would be hooking into the same-origin (*.netflix.com) security-model.

What I don't understand is how this fairly straight-forward scheme could be translated to already issued "unbound" keys like those used by the 25 million certificate-holders in Korea, do you?

Anders
Received on Friday, 26 October 2012 11:52:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 26 October 2012 11:52:16 GMT