W3C home > Mailing lists > Public > public-webcrypto@w3.org > May 2013

Re: Follow-up. Re: Use case: Authenticate using eID

From: Aymeric Vitte <vitteaymeric@gmail.com>
Date: Fri, 17 May 2013 11:58:20 +0200
Message-ID: <5195FF3C.5090602@gmail.com>
To: Lu HongQian Karen <karen.lu@gemalto.com>
CC: Ryan Sleevi <sleevi@google.com>, Arun Ranganathan <arun@mozilla.com>, Mountie Lee <mountie@paygate.net>, "Richard L. Barnes" <rbarnes@bbn.com>, Nick Van den Bleeken <Nick.Van.den.Bleeken@inventivegroup.com>, "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>

Le 16/05/2013 23:07, Ryan Sleevi a écrit :
> This approach does not work when Origin A provisions the key in a smart card without persists anything on the user computer, and Origin B wants to use the key without invoking Origin A. These are typical eID, eHealth, and other smart card use cases.
I don't see quite well how "Origin A provisions the key in a smart card" 
but in your summary you did not mention my example where originA passes 
the keys to originB, if this can apply to your healthcare/e-prescription 
use case in terms of security, so originA is involved just once.


Email :  avitte@jcore.fr
iAnonym : http://www.ianonym.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
Web :    www.jcore.fr
Extract Widget Mobile : www.extractwidget.com
BlimpMe! : www.blimpme.com
Received on Friday, 17 May 2013 09:56:04 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:17 UTC