RE: Summer reported activity [via Hardware Based Secure Services Community Group]

Anders,

Your issues are not "invalid", but kept for later. This CG is operating in an incubation mode. We are trying to build a quick demonstration that the use cases are interesting and feasible, we do not intend to solve all the problems related to all the listed use cases.

Thanks for not taking this as a way to shut your opinion, but rather as a balanced decision between 'there are problems' and 'lets move'.
Regards,

Virginie


-----Original Message-----
From: Anders Rundgren [mailto:anders.rundgren.net@gmail.com]
Sent: mardi 30 août 2016 07:33
To: Hardware Based Secure Services Community Group <ij@w3.org>; public-hb-secure-services@w3.org
Subject: Re: Summer reported activity [via Hardware Based Secure Services Community Group]

On 2016-08-29 16:16, W3C Community Development Team wrote:
> The Hardware Based Secure Services has entered into an interesting
> phase. As the report is finalized (except few editorial issues to
> solve),

This description of the current state ignores the fact that there are many and quite fundamental outstanding issues raised by one CG member (me).  The chairs have apparently declared those as "invalid".  That's OK but it could also backfire.


 > the CG members are
> prototyping. The prototypes are expected to be showed during the W3C
> TPAC F2F meeting in September in Lisbon. The targeted audience is
>
>       CG members attending the meeting on monday (details to be
> transmitted soon on the mailing list), and
>       TPAC attendees on wednesday during a breakout session
>
> The objective is to socialize the report and prototypes in order to
> get opinion from browser makers who objected to the creation of a working group on a similar scope.

My guess (FWIW) is that adding a "Trusted UI" and accessing pre-provisioned keys (read: smart cards) will prove to be more than difficult to get acceptance for.

In addition, this work is squeezed between WebAuthentication (https://www.w3.org/Webauthn/) and entirely different takes on how to extend the Web (https://www.w3.org/community/browserext/)
where the latter (among many things) enables Trusted UI/Crypto-using applications like:
https://cyberphone.github.io/doc/saturn/ui-demo/personalpaymentterminal.html


Anders


>
>
>
>
>
>
>
> ----------
>
> This post sent on Hardware Based Secure Services Community Group
>
>
>
> 'Summer reported activity'
>
> https://www.w3.org/community/hb-secure-services/2016/08/29/summer-repo

> rted-activity/
>
>
>
> Learn more about the Hardware Based Secure Services Community Group:
>
> https://www.w3.org/community/hb-secure-services

>
>
>


________________________________
 This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Tuesday, 30 August 2016 10:05:33 UTC