- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 12 Nov 2014 13:42:26 +0100
- To: Kingsley Idehen <kidehen@openlinksw.com>, public-webpayments@w3.org, "public-webid@w3.org" <public-webid@w3.org>
On 2014-11-12 13:28, Kingsley Idehen wrote: > On 11/12/14 7:00 AM, Anders Rundgren wrote: >> Somewhat unsurprising the platform vendors are beginning to focus on >> extending WebCrypto as the foundation for payments etc. >> >> https://www.w3.org/2012/webcrypto/wiki/images/d/dd/CertAndKey_Management_Requirements_for_WebCrypto_microsoft.pdf >> >> >> Anders >> >> >> > > Shouldn't you have pointed some of these parties to > <https://mobilepki.org/WebCryptoPlusPlus> ? > > They have PDFs, you have a live demo :) Thanx but actually, I don't think technical merits have much importance :-( Anyway, Microsoft's solution can be built on top of Windows, mine cannot since the Windows keystore mechanism doesn't offer what *I* consider core security: http://webpki.org/papers/key-access.pdf Microsoft's solution also doesn't comply with the *implicit* requirements put forward by the US government's "Derived Credential" program: http://defensesystems.com/articles/2014/11/10/comment-can-derived-credentials-replace-cacs.aspx > > BTW -- did you fix the IE issue I reported? IE 11, should work, earlier versions haven't been tested and only Chrome and Firefox beta really gives you the full picture (through JS console). Also note that steps 4-5-6 are performed through emulation - Not the real thing. Anders >
Received on Wednesday, 12 November 2014 12:42:59 UTC