W3C home > Mailing lists > Public > public-hb-secure-services@w3.org > April 2016

Re: [Hardware Based Secure Services IG] some topics to discuss

From: Wendy Seltzer <wseltzer@w3.org>
Date: Thu, 21 Apr 2016 09:16:04 -0400
To: JAVARY Bruno <B.JAVARY@oberthur.com>, "public-hb-secure-services@w3.org" <public-hb-secure-services@w3.org>
Cc: MOUGIN Nicolas <N.MOUGIN@oberthur.com>
Message-ID: <5718D294.1060000@w3.org>
Thanks Bruno!

A critical question is on your slide 10: how do we communicate between
the Web and the Smart Card, without opening a channel that can be
abused. Browsers want to be able to act as "user agents," to help users
protect their privacy and security, so are wary of plugin-style
interfaces. Can we specify further the functions we want to access
(which could then be abstracted to be provided by a smartcard or other
hardware device).

Talk with you soon,
--Wendy

On 04/21/2016 03:21 AM, JAVARY Bruno wrote:
> Hello all,
> I am unfortunately unavailable next week but I'll attend the call this afternoon.
> Please find attached a sum-up of our thoughts regarding that topic, I'll comment during the call.
> 
> Best regards,
> 
> Bruno Javary I Oberthur Technologies
> R&D Project manager | Citizen Access & Identity Business Unit
> 420 Rue d'Estienne d'Orves - CS 40008 - 92705 COLOMBES CEDEX | France
> b.javary@oberthur.com<mailto:b.javary@oberthur.com> I www.oberthur.com<http://www.oberthur.com/>
> 
> De : GALINDO Virginie [mailto:Virginie.Galindo@gemalto.com]
> Envoyé : mercredi 20 avril 2016 11:52
> À : public-hb-secure-services@w3.org
> Objet : [Hardware Based Secure Services IG] some topics to discuss
> 
> Dear all,
> I put together a list of topics we should discuss in the Community Group.
> This list is based on the different discussions I had in the last two years around the integration of secure services and is available here :
> https://github.com/w3c/websec/wiki/hardware-based-secure-services-:-topics-for-the-workshop
> Please do not hesitate to enrich, challenge, improve by commenting on this list.
> Regards,
> Virginie
> 
> ________________________________
> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
> 


-- 
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
https://wendy.seltzer.org/        +1.617.863.0613 (mobile)
Received on Thursday, 21 April 2016 13:16:11 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 21 April 2016 13:16:12 UTC