- From: Channy Yun <channy@gmail.com>
- Date: Mon, 7 Nov 2011 19:24:49 +0900
- To: David Dahl <ddahl@mozilla.com>
- Cc: Brian Smith <bsmith@mozilla.com>, public-identity@w3.org
- Message-ID: <CAG5Kj5GWKdqgcqzz1coDn0FH=fY_LDQSnS5pJJ8F6FJ0ou3rVg@mail.gmail.com>
Hi, all. I know your first job is the primitive APIs for cryptography. But, many of use-cases in Cryptography API focused in CA service system with personal certificates. But, this is hard to consider another working group because of PKI based systems. (Most of countries has own national CA system based on plug-in issuing personal certificate such as China, Japan, Spain and Brazil etc.) How about adding parallel works for *Web Certificates (Service) API*supporting these one? We can add these as a scope including TLS/SSL based login/out with personal certificate and its management api(backup, restore) and follow up HSM based certificate. p.s. of course, it's not only secure authentification, but also needs with connection of two factor method. Channy --------------------- Tech Evangelist : Web 2.0, Web Standards, Open Source and Firefox http://channy.creation.net 2011/11/4 David Dahl <ddahl@mozilla.com> > I think this is something that we can keep on a "roadmap". The scope of > the crypto API will necessarily be narrow for the first iteration, adding > any kind of UI is something we should plan for in a later iteration. > > Cheers, > > David > > ----- Original Message ----- > From: "Brian Smith" <bsmith@mozilla.com> > To: channy@gmail.com > Cc: public-identity@w3.org > Sent: Thursday, November 3, 2011 6:44:31 PM > Subject: Re: Web Cryptography Working Group scoping progressing... > > Channy Yun wrote: > > 3) Some of functions as like key pare generation and digital signature > > generation require browser's user interface. It needs universal > > interface guideline for security issues. > > Are smartcard digital signatures on transactions like the ones required in > e-commerce / e-banking transactions in Korea, China, and elsewhere (tied to > "real" legal identities) going to be considered in scope? From reading the > draft scope document, I got the impression that this would be out of scope. > I think it is OK for it to be out of scope, as long as there is some other > (formal or informal) group working on standardizing this. It is a high > priority for us. > > Cheers, > Brian > >
Received on Monday, 7 November 2011 13:08:36 UTC