Re: Last call for Use-cases/Goals for web crypto charter from Brian Smith on 2011-11-25 (public-identity@w3.org from November 2011)

From: Brian Smith <bsmith@mozilla.com>
Date: Thu, 24 Nov 2011 18:42:10 -0800 (PST)
To: Harry Halpin <hhalpin@w3.org>
Cc: public-identity@w3.org
Message-ID: <457920974.179729.1322188929954.JavaMail.root@zimbra1.shared.sjc1.mozilla.com>

Harry Halpin wrote:
> 1) To determine if device is suitable for certain content
> 2) Loading keys from a USB/smartcard for financial transactions
>    ("Korean bank" use-case)
> 3) Identity claims signing
> 4) JS Code-signing
> 5) Helping OAuth

It would also be useful to know the necessary and sufficient features for each use case.

I believe some people expect to be able to create pure-JS S/MIME-like and/or PGP-like message privacy features, that have some useful security benefit over giving the keys to the messaging provider to store/use on its server, even though the email provider would deliver the JS that would use the crypto primitives to implement those privacy features.

- Brian

Received on Friday, 25 November 2011 02:42:40 UTC