W3C home > Mailing lists > Public > public-rww@w3.org > October 2013

Fwd: WebAuth - Replacement for HTTPS Client Certificate Authentication

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 25 Oct 2013 15:10:34 +0200
Message-ID: <CAKaEYhJj759DH74AdRi0C=VYFjy0cXVBE2JYDnOJ7QW91mYvaQ@mail.gmail.com>
To: public-webid <public-webid@w3.org>, public-rww <public-rww@w3.org>
FYI

---------- Forwarded message ----------
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: 25 October 2013 12:48
Subject: WebAuth - Replacement for HTTPS Client Certificate Authentication
To: Web Payments CG <public-webpayments@w3.org>


Maybe of interest for authentication to payment systems
(although ideally you would rather just sign something):

http://webpki.org/papers/PKI/webauth.pdf

Comments are welcome!

There are 3 independent possible standards targets in this proposal:

1. Browser bindings for JSON protocol invocations

2. JSON Clear-text Signature:
https://openkeystore.googlecode.com/svn/resources/trunk/docs/JSON-Clear-Text-Signature-Scheme.pdf

3. And then WebAuth itself

Cheers
Anders
Received on Friday, 25 October 2013 13:11:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:10:43 UTC