- From: Brent Shambaugh <brent.shambaugh@gmail.com>
- Date: Mon, 21 Mar 2022 13:13:27 -0500
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: Orie Steele <orie@transmute.industries>, Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CACvcBVo6e+ZnRzWZQeXNDMMOrpW93iDhWM6M9y8GiuS6B9X1vQ@mail.gmail.com>
I might need to follow up with the TangemID people. I am not sure how to reach them. I have an installation of their Tangem ID app on my iPhone. I just ran through the process with the issuer/verifier and credential wallet cards and I got an error “This data cannot be signed”. I do have an NFC reader and an NFC reader/writer in addition to what is available with my iPhone. On Monday, March 21, 2022, Anders Rundgren <anders.rundgren.net@gmail.com> wrote: > On 2022-03-21 13:45, Orie Steele wrote: > >> Although the firmware is proprietary, if WebNFC supported APDU, these >> crypto currency wallet NFC Cards would almost give you what you want. >> > > What I "want" is more basic: a replacement/complement to QR codes since QR > codes are (like passwords), susceptible to traditional phishing attacks due > to the lack of binding between the Web page and an URL provided in an > embedded QR image. > > To succeed, NFC would eventually have to become a part of the PC/Mac > platform which obviously will never happen unless something along these > lines becomes a standard. > > Thanx, > Anders > > >> https://tangem.com/en/ <https://tangem.com/en/> >> >> I have tested them in "Kiosk" setups and they allow for vanilla EdDSA or >> ES256K from hardware isolated keys. >> >> Unfortunately, you need a regular card reader to interact with them, >> because web nfc does not expose the APDU interface. >> >> So they pair their solution with a Native App. >> >> I wouldn't say it's "too late"... there are currently 0 registered >> standard payment method identifiers: https://www.w3.org/TR/payment- >> method-id/#registry <https://www.w3.org/TR/payment-method-id/#registry> >> >> It does seem like somehow the folks who needed to be in the same room to >> make this happen got spread across different WGs. >> >> OS >> >> On Mon, Mar 21, 2022 at 7:21 AM Anders Rundgren < >> anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> >> wrote: >> >> On 2022-03-21 13:13, Orie Steele wrote: >> > I'm not sure what exactly the proposal is. >> > >> > NDEF Tags and QR Codes can contain URLs which can then be used to >> invoke applications. >> > >> > Are you hoping for more general purpose NFC APIs that are not >> limited to mobile browsers? >> >> Hi Orie, >> >> Since the boat has sailed I'm not really hoping on anything :( >> >> The idea is pretty well described in this GitHub issue: >> https://github.com/w3c/web-nfc/issues/140 <https://github.com/w3c/web-nf >> c/issues/140> >> >> Thanx, >> Anders >> >> >> > >> > OS >> > >> > On Sat, Mar 19, 2022 at 1:52 AM Anders Rundgren < >> anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com> >> <mailto:anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gm >> ail.com>>> wrote: >> > >> > Since the original topic is extremely large, I take the >> liberty focusing on a related item which I have been actively involved in. >> > >> > Google and Intel have created an API that makes it possible >> reading and writing certain types of RFID tags from a mobile browser. >> That's fine but this use case is already supported by much more powerful >> native apps. >> > >> > I claimed early on (and to no avail), that mobile devices >> (phones) with native apps interacting with Web pages running in desktop >> computers have lots of already established applications that could benefit >> from a better solution. >> > >> > The current solution to this generic use case are QR codes >> which require you to manually start a specific application, alternatively >> provide some private information which can be used for Web push. >> > >> > Since QR codes do not provide the security context of the Web >> page, this solution is susceptible to phishing. >> > >> > >> > The only people outside of Google and Intel who have been >> visible in this activity are RFID vendors. The payment industry were not >> there. The same goes for the identity folks. >> > >> > I would like to restart this activity but not alone. Getting >> NFC back in PCs will not happen overnight, if ever. >> > >> > Thanx, >> > Anders >> > https://github.com/w3c/web-nfc/issues/128 < >> https://github.com/w3c/web-nfc/issues/128> <https://github.com/w3c/web-nf >> c/issues/128 <https://github.com/w3c/web-nfc/issues/128>> >> > >> > >> > >> > -- >> > *ORIE STEELE* >> > Chief Technical Officer >> > www.transmute.industries >> > >> > <https://www.transmute.industries <https://www.transmute.industr >> ies>> >> >> >> >> -- >> *ORIE STEELE* >> Chief Technical Officer >> www.transmute.industries >> >> <https://www.transmute.industries> >> > > > -- -Brent Shambaugh GitHub: https://github.com/bshambaugh Website: http://bshambaugh.org/ LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259 Skype: brent.shambaugh Twitter: https://twitter.com/Brent_Shambaugh WebID: http://bshambaugh.org/foaf.rdf#me
Received on Monday, 21 March 2022 18:18:55 UTC