W3C home > Mailing lists > Public > public-automotive-pay@w3.org > May 2018

Re: [Minutes] was Re: [Agenda] 26 April Automotive Web Payments Task Force call

From: Stiepan Aurélien Kovac <skovac@sunrise.ch>
Date: Wed, 2 May 2018 13:20:08 +0200
To: public-automotive-pay@w3.org
Message-ID: <7b444aed-be20-d17d-aeda-da9911f11b0d@sunrise.ch>
Hi everyone,

Matt mentioned the likely need for strong encryption in the minutes.

We provide it through the CEX library, available on-line on
github.com/SteppenWolfe65/CEX , which is MISRA C++ 2014 compliant.
(notably, the RHX symmetric encryption, proposed as an ITU standard)

The current version is Windows-only, porting to embedded platforms is on
the way.

The license is GPLv3 and exemptions will be negotiated case by case.
This means you can still integrate it as a "black box" if you wish.
(without providing end users with your modified source code nor a
reference to us, providing we agree on a GPL exemption contract)

Additionally, paying customers enjoy legal protection in case of a data
protection breach which would be tied to the use of our library despite
our tedious work to make it quantum-safe (not to mention, safe against
classical threats), up to the maximum fine envisioned in the current
Swiss draft of the LPD / DSG, the CH adaptation of the EU's GDPR.
Credits to Volvo for the idea of assuming responsibility in case of
something going sideways: we believe that you are leading the way!

Note: as of now, our library is meant for payment, not real-time apps.

Best regards,
Stiepan A. Kovac
itk AVtobvS SARL
Received on Wednesday, 2 May 2018 11:24:20 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:06:18 UTC