Dear all, I have on behalf of a client, taken the liberty to investigate the state of client-side PKI support in web-browsers with respect to standards and interoperability. There were several reasons for performing this study, and a major such was that we have found that none of the pretty large Nordic e-government initiatives and on-line banks, actually use the browsers' built-in client-side PKI mechanisms at all, most of them rather rely on Java applets developed by various ISVs. The reason for this is very obvious: ============================================= Practically every piece of client-side Web-PKI, ranging from on-line certification support to on-line (web-form) signing, is currently entirely vendor-dependent ============================================= Assuming that there will be billions of users of Web-PKI in a few years from now (here adding the crowd likely to use "The Mobile Internet"), it seems that there could be a major task ahead for the W3C. There is a lot more to say on this subject but this could hopefully serve as a starter for discussions. Regards Anders Rundgren Independent Consultant, PKI and e-business + 46 70 627 74 37 (on CET)Received on Saturday, 1 November 2003 14:26:05 GMT
This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:18 GMT