Hi Anders, > The problem with this and similar efforts is that you need a > *platform*. > > The only party that actually has a platform worth mentioning > is Apple with their iPhone. > > Popular, can host credentials, can be on-line provisioned, > great connectivity. Why do you need a platform? Why can't the browser manage your credentials (whether or not they are stored in a smart card). > Unfortunately I don't think the NSTIC people are prepared > shelling out any money except on projects using their "own" > platform, i.e. PIV. This platform is severely constrained > and does neither support multiple credentials nor on-line > provisioning. > > PIV doesn't fit your bank-case. > > That people outside the Feds doesn't have card readers is > also an indication how "off" this thing would be as a > foundation for a vibrant identity ecosystem. NSTIC is not about PIV. I believe many people involved with NSTIC think PKI certificates, such as those stored in PIV smart cards, are a thing of the past, to be replaced with "privacy-enhanced" credentials such as Idemix anonymous credentials or U-Prove tokens. I myself think PKI certificates have an important role to play going forward, coexisting with privacy-enhanced credentials. NSTIC is still pretty much a blank slate. The first workshop on technology has not taken place yet. I'm told it will take place in the Bay Area during the week of September 19. I encourage you to attend and contribute your ideas. > Platform = HW + SW. Francisco
Received on Wednesday, 20 July 2011 19:25:11 UTC