- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Thu, 03 Nov 2011 10:12:21 +0100
- To: Harry Halpin <hhalpin@w3.org>
- CC: public-identity@w3.org
On 2011-11-03 03:37, Harry Halpin wrote: > Everyone, > > While the use-cases need to be more compelling and I'm pretty sure the > browser-specific language is still present, the scoping is getting closer > we think: > > http://www.w3.org/wiki/IdentityCharter > > This was created after the meeting at TPAC on the "break-out" session. > > cheers, > harry > > > "Use cases include securing high-value transactions, signing and verifying content" "out of scope: .., access control beyond enforcement of the same-origin policy" These lines do not match what is going on elsewhere. A few examples that comes to my mind: 1. Access control by the use of provider-supplied PINs is pretty much standard for "high-value transactions" since ages ago. 2. Other key access control schemes include restricting key-usage based on "app". Its already a part of Google's wallet. If the idea is going for the needs of the corporate, banking and financial markets, I think we/you are going to face major hurdles and excessive time-lines. Regards, Anders
Received on Thursday, 3 November 2011 09:20:15 UTC