- From: Siva Narendra <siva@tyfone.com>
- Date: Tue, 11 Feb 2014 07:37:16 -0800
- To: anders.rundgren.net@gmail.com
- Cc: public-webcrypto-comments@w3.org, GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- Message-ID: <CAJhTYQxFSAUn6+qwa+yJuipp8jdQoyrJsKLE_HYBVYm-0R4Xvg@mail.gmail.com>
Anders & Co. SIM cards are not the only secure element solution or form factor. There are microSD, USB, Bluetooth interface form factors that are not locked by carriers and they are device agnostic. In fact some of them can be used across multiple devices. And Smart cards that run Java card OS can be used to load virtually any security applet. There seems to be some preconceived notions of what smart cards are. I would request all of you to have an open mind based on the fact that smart card silicon is the one of the only, if not the only, globally standard hardware that exists today that is certified by ISO, Global Platform and Common Compliance standards. Let me reiterate - the proposal is not smart cards instead of other hardware. But rather the proposal is smart card be supported in this community if hardware is in scope. Irrespective of W3C community support or not smart card interface to Webcrypto API will happen. There is a community of companies that will build it. We already are, based on work that was done with Firefox. It is really up to all of you to decide if W3C will take the dogmatic position of not supporting smart cards, which seems to be the prevailing position. Silva On Feb 11, 2014 7:06 AM, "Anders Rundgren" <anders.rundgren.net@gmail.com> wrote: > > http://lists.w3.org/Archives/Public/public-webcrypto-comments/2014Feb/0009.html > > "The U2F use case is one specific use case which is bringing new features > to the web crypto API. I do not see why the existence of the U2F would > preclude the discussion related to the integration of hardware token (or > any secure element) in the web crypto, for which we have imagined to have a > workshop this year. Note that It is still on my side to propose a strawman > proposal for the workshop" > > Since SIM-cards are locked by operators there's little point with an SE > interface to WebCrypto, it will most certainly go the same way the WAP/WSIM > interface once did; in the toilet. > As Ryan mentioned in > http://lists.w3.org/Archives/Public/public-webcrypto-comments/2014Feb/0008.htmlISO 7816 is probably not the right technical foundation either. > > If the operators (=the actual customers) and Gemalto still believe this is > interesting it seems more logical running a combined standardization/open > source effort together with them. > > Related: > http://letstalkpayments.com/google-says-goodbye-carrier-based-nfc-systems > > Anders > >
Received on Tuesday, 11 February 2014 15:37:44 UTC