- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Wed, 29 Jun 2011 11:07:53 +0200
- To: Henry Story <henry.story@bblfish.net>
- CC: "public-identity@w3.org" <public-identity@w3.org>
On 2011-06-29 09:21, Henry Story wrote: <snip>> > It would be great to have provisioning of such hardware devices be as easy as simple > keygeneration in a browser. > > I have heard of the keygen2 proposal, > http://webpki.org/auth-token-4-the-cloud.html > but I am not sure what other use cases more the advanced keygens are trying to solve - > probably because I have not yet hit those limits myself. A very basic bank-requirement that isn't met by current browser-vendor "keygen" solutions is the ability defining a PIN to a key. In a typical WebID scenario a PIN would probably be a user option but in the bank-world it is the bank that unilaterally sets the policy. A good "keygen" system should support different policies. A 10-pass protocol for setting a PIN may appear "slightly" over-engineered but KeyGen2 does a few other tricks as well :-) Regards, Anders
Received on Wednesday, 29 June 2011 09:08:55 UTC