- From: POTONNIEE Olivier <Olivier.POTONNIEE@gemalto.com>
- Date: Fri, 11 Apr 2014 21:33:39 +0200
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- CC: sysapps <public-sysapps@w3.org>, "psiddh@gmail.com" <psiddh@gmail.com>
> From: Anders Rundgren [mailto:anders.rundgren.net@gmail.com] > Sent: Thursday, April 10, 2014 10:00 PM > To: POTONNIEE Olivier > Cc: sysapps; psiddh@gmail.com > Subject: Re: Questions on the SE API draft 2014-04-03 > > On 2014-04-11 06:20, POTONNIEE Olivier wrote: > > The GlobalPlatform Access Control has a deterministic algorithm to > > deal with various secure elements, so there is no reason to be > "middleware hell". > > Doesn't this presume that the SE is GP compliant? > The current spec. doesn't (AFAICT) require that. [Olivier] Again, GP spec defines the behavior. Basically it requires GP access rules to be present on UICC, but will not block access to other SEs if they don't implement GP AC. See section 4 of the GP AC spec. > How about my questions on 1) user-consents 2) potential uses in > embedded libraries? > [Olivier] User consent and trust is something that has to be agreed on at a larger scale for SysApps APIs. As acknowledged during this week's F2F meeting, we need to define the security and permissions models. This will now take priority over specific APIs. This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
Received on Friday, 11 April 2014 19:34:03 UTC