Re: Need for Smart Card support

From: Wan-Teh Chang <wtc@google.com>
Date: Tue, 12 Jun 2012 15:15:25 -0700
Message-ID: <CALTJjxHNhqVE6RwpgS3Uyvf7h2PPbaWXXvQrTmhAPwekjzN0Rg@mail.gmail.com>
To: Ryan Sleevi <sleevi@google.com>
Cc: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>, Lu HongQian Karen <karen.lu@gemalto.com>, David Dahl <ddahl@mozilla.com>, Ali Asad <Asad.Ali@gemalto.com>, "James L. Davenport" <jdavenpo@mitre.org>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>

On Mon, Jun 11, 2012 at 6:13 PM, Ryan Sleevi <sleevi@google.com> wrote:
>
> As I see it, there are two parts of the API needed:
> 1) An intent, by the web site, to indicate interest in keys matching certain
> criteria
> 2) A confirmation, by a user, that the web site is authorized for such keys.
>
> A very, very bad pseudo-API that I haven't thought through entirely, and is
> effectively something very similar to the MediaQueryList interface [1].
>
> interface KeyQueryCriteria {
>
> // Some sort of criteria such as algorithm, mode, id, etc
> // It may even indicate keys that are bound to certificates, where the
> // certificate meets some criteria (eg: as is done in SSL/TLS client auth and
> // for document signatures)
>
> // Multiple criteria are ANDed together. OR is handled by creating multiple
> // listeners. NOT is not supported?
>
> }
>
> interface KeyQueryList {
>
> readonly attribute KeyQueryCriteria criteria[];
>
> void addListener(KeyQueryListListener listener);
>
> void removeListener(KeyQueryListListener listener);
>
> }
>
> [Callback, NoInterfaceObject]
> interface KeyQueryListListener {
>
> void onKeyAdded(KeyQueryList kql, KeyID keyId);
>
> void onKeyRemoved(KeyQueryList kql, KeyID keyId);
>
> }
>
> A web site may use this by doing something like:
>
> var kql = window.crypto.queryKey([Some, Criteria, Here]);
> kql.addListener({
>   onKeyAdded: function(query, keyId) {
>   },
>   onKeyRemoved: function(query, keyId) {
>   }
> });
>
> KeyID may be a string identifier or may be a handle to an existing key
> (whatever is appropriate, I'm not sure).

This kind of API can be very useful for handling smart cards.  Here is
Mozilla's offering in this area:
https://developer.mozilla.org/en/JavaScript_crypto#Handling_smart_card_events
http://html5.creation.net/webcrypto-api/#enablesmartcardevents-attribute

Wan-Teh
Received on Tuesday, 12 June 2012 22:15:54 GMT
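
The listener semantics sketched in the quoted pseudo-API, as an added example that is not part of the original message or of any browser's API: an in-memory JavaScript mock in which criteria are ANDed and a key is announced only after the user-confirmation step approves it. MockKeyStore, insertKey, removeKey and the authorize callback are hypothetical names, and sending onKeyRemoved only to queries that were told about the key is an assumption of this mock.

```javascript
// Added mock of the quoted KeyQueryList pseudo-API. MockKeyStore, insertKey,
// removeKey and the authorize callback are hypothetical names, not a real API.
class KeyQueryList {
  constructor(criteria) { this.criteria = criteria; this.listeners = new Set(); }
  addListener(listener) { this.listeners.add(listener); }
  removeListener(listener) { this.listeners.delete(listener); }
  // Multiple criteria are ANDed: every attribute of every criterion must match.
  matches(key) {
    return this.criteria.every(c =>
      Object.entries(c).every(([attr, value]) => key[attr] === value));
  }
}

class MockKeyStore {
  constructor(origin, authorize) {     // authorize() stands in for user confirmation
    Object.assign(this, { origin, authorize, queries: [], exposed: new Map() });
  }
  queryKey(criteria) {                 // part 1: the site declares its intent
    const kql = new KeyQueryList(criteria);
    this.queries.push(kql);
    return kql;
  }
  insertKey(key) {                     // e.g. a smart card is inserted; part 2 gates it
    const told = this.queries.filter(q => q.matches(key) && this.authorize(this.origin, key));
    if (told.length) this.exposed.set(key.id, told);
    told.forEach(q => q.listeners.forEach(l => l.onKeyAdded(q, key.id)));
  }
  removeKey(keyId) {                   // only queries that saw onKeyAdded are told
    (this.exposed.get(keyId) || []).forEach(
      q => q.listeners.forEach(l => l.onKeyRemoved(q, keyId)));
    this.exposed.delete(keyId);
  }
}

// Constructed sample run: the user approves only the key with id 'card-sign-1'.
function demo() {
  const events = [];
  const store = new MockKeyStore('https://example.test', (o, k) => k.id === 'card-sign-1');
  const kql = store.queryKey([{ algorithm: 'RSA' }, { usage: 'sign' }]);
  kql.addListener({
    onKeyAdded: (q, id) => events.push('added:' + id),
    onKeyRemoved: (q, id) => events.push('removed:' + id),
  });
  store.insertKey({ id: 'card-sign-1', algorithm: 'RSA', usage: 'sign' });
  store.insertKey({ id: 'card-enc-1', algorithm: 'RSA', usage: 'encrypt' }); // fails the AND
  store.insertKey({ id: 'card-sign-2', algorithm: 'RSA', usage: 'sign' });   // user declines
  ['card-sign-2', 'card-enc-1', 'card-sign-1'].forEach(id => store.removeKey(id));
  return events;
}
```

In the sample run the page only ever learns about 'card-sign-1': the key that fails the criteria and the key the user declines produce neither an added nor a removed event.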