- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 23 May 2014 07:53:55 +0200
- To: Marcos Caceres <w3c@marcosc.com>, "Oda, Terri" <terri.oda@intel.com>
- CC: public-sysapps@w3.org, Dave Raggett <dsr@w3.org>
On 2014-05-22 18:31, Marcos Caceres wrote: > > > On May 22, 2014 at 12:11:29 PM, Oda, Terri (terri.oda@intel.com) wrote: >> FIDO, at least, will a topic of discussion at the WebCrypto workshop in >> September: >> >> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/Overview.html >> >> That workshop is in Mountain View on Sept 10-11th > > FWIW, I think SE should probably be moved to the WebCrypto WG. Although I know we > have some great SE experts here, there are more people that could contribute to > making SE happen on the Web in the WebCrypto WG... just my feeling about this. The crux is that the SE concept itself has changed considerably during the last 2-3 years which makes it a poor candidate for standardization. Today most vendors are targeting integrated security architectures where the SE portion has quite different characteristics compared to for example SIM-cards. http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf https://www.samsungknox.com/en I have recently had contact with two major players in this space and they are both considering open source efforts rather than standardization. IMO, this is a good idea since formal standardizing of a security architecture wouldn't get traction. Continuing the current smart-card-oriented SE API standardization project is of course possible, the question is rather how interested vendors really are. Anders > >
Received on Friday, 23 May 2014 05:54:35 UTC