[hardware-based secure services CG] today's call : informal take away from the chair

Dear all,

Here is an informal take away from the chair, from today's call. The actual draft minutes are here https://www.w3.org/2016/06/16-hb-secure-services-minutes.html

-          We discussed the recent improvement from the editors on the secure transaction confirmation https://rawgit.com/w3c/websec/gh-pages/hbss.html#dfn-method-confirm.

ACTION : All CG members are invited to comment that document which constitutes our basic deliverable

-          We mentioned that 2 area could deserver additional details : trusted UI (and the fact that it is implementation dependent), attestation (which could be a way to describe how user interaction and credential storage are managed in the context of the web app execution).

ACTION : editor to implement those clarification

-          The use cases in that document should be updated

ACTION : chair to ping Visa and DT

-          We reviewed the proposals for creating some scoped credentials http://www.w3.org/2016/06/01-hb-secure-services-minutes.html. In this proposal two options are offered, one where the browser stores the domains associated with the created credentials, another where the user and the service provider can adjust the list of authorized domain using a specific credential.

ACTION : All CG members are requested to give opinion.

-          We decided that we would have some prototypes of the 2 features 'secure transaction confirmation' and 'seure credential storage', if possible ready by September. To be discussed further.

-          The CG will meet during TPAC only if a sufficient number of CG members can travel to Protugal in September.

ACTION : chair to survey members presence and see how non-W3C members could benefit from the TPAC meeting

-          The next call will be on the Monday 28th of June @ 14:00 UTC

ACTION : chair to survey members presence


This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Thursday, 16 June 2016 16:42:36 UTC