Re: Continuing dismissing the SE API

Hi Anders, 

On Thursday, July 25, 2013 at 7:12 AM, Anders Rundgren wrote:

> There are already hundreds of millions users of mobile devices featuring embedded SEs.
> There are also numerous mobile bank apps in active use.
> 
> However, there's no practical way using the embedded SEs of the aforementioned devices for storing keys for the mobile bank apps.
> This is not due to a lack of an SE API, it is rather rooted in the SE concept itself.
> 
> Some people claim that this is the "intended business model" for SEs, while another camp (including myself) point out inferior SE technology as the culprit.
> Creating a useful SE API under these circumstances is probably no easier than resolving the middle-east conflict.

I think it's good hear that there are multiple views on SEs - has Telia (and members of the other camp) thought of joining the group and providing an alternative API? 
> If "losing face" is the primary consideration for keeping the SE API in the charter, the only realistic option is "rubber-stamping" Gemalto's proposal.

We don't do "rubber-stamping" and we have no face to lose, as we haven't actually started work on the SE API:) - the SE API is a "Phase 2" deliverable, which means it won't start until we've done significant work on the phase 1 items of the WG (see http://www.w3.org/2012/sysapps/). 

So, now is a great time to contribute alternative API proposals and ideas. Even if we standardize 2 solutions, then we just leave it to the market to decide. The W3C doesn't enforce standards - it leaves it to the market. 
> I don't have a problem with that but it doesn't have much to do with what you generally mean when you refer to something as a "standard".

Well, as the above is not happening, then you got nothing to worry about. Anyway, I invite you be constructive and put together an alternative proposal. 

Kind regards,
Marcos

Received on Thursday, 25 July 2013 09:10:40 UTC