W3C home > Mailing lists > Public > public-webpayments@w3.org > August 2014

W3C WebCrypto.Next Conference

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Mon, 11 Aug 2014 08:53:50 +0200
Message-ID: <53E8687E.5090001@gmail.com>
To: Web Payments CG <public-webpayments@w3.org>
http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/Overview.html

I hope to go (my position two papers were accepted) but I'm rather uncertain
that the outcome actually will very clear since there are two fundamentally
different approaches:
- Evolution: Adopt the web-platform to existing smart cards etc
- Revolution: Create complete systems from scratch

FIDO represents the latter.   It doesn't build on smart card APDUs and
cannot run on top of standard crypto APIs like PKCS #11.

Personally, I'm also into revolution since smart cards and PKCS #11 were
not designed to be invoked by arbitrary web-code which calls for entirely
new protection strategies like SOP.  The only "traditional" technology
(IMO) worth preserving is PKI.

Anders
Received on Monday, 11 August 2014 06:54:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:03:38 UTC