Re: Web Cryptography Working Group scoping progressing... from Channy Yun on 2011-11-11 (public-identity@w3.org from November 2011)

From: Channy Yun <channy@gmail.com>
Date: Fri, 11 Nov 2011 19:58:25 +0900
To: Harry Halpin <hhalpin@w3.org>
Cc: David Dahl <ddahl@mozilla.com>, Brian Smith <bsmith@mozilla.com>, public-identity@w3.org
Message-ID: <CAG5Kj5ESMSfk0wqKiVRbSc7K-6_6jEJj1VTbA4-Vb641qbM-sg@mail.gmail.com>

Channy
---------------------
Tech Evangelist : Web 2.0, Web Standards, Open Source and Firefox
http://channy.creation.net

2011/11/11 Harry Halpin <hhalpin@w3.org>

> **
> On 11/07/2011 11:24 AM, Channy Yun wrote:
>
> Hi, all.
>
> I know your first job is the primitive APIs for cryptography.
>
> But, many of use-cases in Cryptography API focused in CA service system
> with personal certificates.
> But, this is hard to consider another working group because of PKI based
> systems.
> (Most of countries has own national CA system based on plug-in issuing
> personal certificate such as China, Japan, Spain and Brazil etc.)
>
> How about adding parallel works for *Web Certificates (Service) API*supporting these one?
> We can add these as a scope including TLS/SSL based login/out with
> personal certificate and its management api(backup, restore)
> and follow up HSM based certificate.
>
>
> Is there any sample API that fulfills what you want, ideally one already
> being worked in web browsers?
>
>
I guess you saw my draft APIs for Web CA services:
http://html5.creation.net/webcrypto-api/
There have been many real world plugins in Korea, China, Spain, Denmark and
Brazil and etc...
Also some of them are duplicated with DOMCrypt API.



> I'm ok with that being "maybe" in scope but to do not want another API and
> would prefer to keep the scope minimal, i.e. for this WG to stay away from
> certificates per se (minus keeping functionality such as the aforementioned
> log out work that we might otherwise accidently deprecate).
>
> However, not all news is bad - I'm currently pushing for a workshop around
> the issues of Web Certificates in the spring of next year (which could lead
> to another WG focussing on the thorny issues of CAs) and we can put that in
> the "roadmap" for future work.
>

I'm okay if you're interested in gather stock holders for Web Certificate
Service as a working group. But, I'm sure that most of use cases of Web
Crypto API will be CA's service and the seperation of interests is not
good.

Channy

Received on Friday, 11 November 2011 10:59:19 UTC