W3C home > Mailing lists > Public > public-hb-secure-services@w3.org > June 2016

[HBSS CG] Take away from our recent call

From: GALINDO Virginie <Virginie.Galindo@gemalto.com>
Date: Wed, 8 Jun 2016 09:58:32 +0000
To: "public-hb-secure-services@w3.org" <public-hb-secure-services@w3.org>
Message-ID: <540E99C53248CE468F6F7702588ABA2A0146C4D79A@A1GTOEMBXV005.gto.a3c.atos.net>
Dear all,

Here is the chair informal take away from our last call held on the 1rst of June, highlighting decisions and actions.


-          Wen reviewed the document provided by morpho (thanks again for that contribution)

-          We reminded that use cases should be provisioned by the different champions (gemalto and crypto, dt and transportation, morpho and identity) --> chairs to ping contributors

-          We decided that that our first technical feature would consider that credentials generated are used in the framework of the same origin --> editor to clarify that assumption in the text

-          We mentioned that we would have a dedicated threat to work on the idea of scoped credentials - that would allow to associate with some credentials some conditions of use, expanding the same origin policy --> chairs to organize the conversation

-          We discussed that means for selecting credentials by the users should be present and explicitely recommended in UA, to avoid any silent management of credentials --> editor to clarify this security requirement


Our next call is scheduled on the Wednesday 15th of June @ 14:00 UTC. Nevertheless, it happens that Sébastien would prefer to delay it by one day.  A dedicated thread will be landing soon on the mailing list.

Regards,
Virginie

________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Received on Wednesday, 8 June 2016 09:59:31 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 8 June 2016 09:59:32 UTC