W3C home > Mailing lists > Public > public-web-intents@w3.org > February 2015

Web2Native Bridge

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Tue, 03 Feb 2015 10:02:20 +0100
Message-ID: <54D08E9C.8020401@gmail.com>
To: public-web-intents@w3.org
All efforts combining security hardware with the web except for Google/FIDO U2F
have to date failed.   One of the reasons is that there are numerous of very different
"standards" for security hardware.  Another reason is that SOP doesn't really match
a wide class of secure applications including payments.

It is anticipated that the next iteration of Apple Pay will support the web as well.
IMO, it is extremely unlikely that Apple would do anything but "call" the Apple Pay
App from the web using something similar to Chrome Native Messaging:
http://blog.chromium.org/2013/10/connecting-chrome-apps-and-extensions.html

Although Chrome Native Messaging is super-cool, it needs considerable "polishing" to
support payments etc.  I have spent a few days trying to catch what I consider useful:
http://webpki.org/papers/web2native-bridge.pdf

Note: Web2Native Bridge only borrows the core concept (Invocation + Channel) from
Chrome Native Messaging.   That is, there are no extensions involved; it is a pure API.

Comments are (of course) extremely welcome!

Anders Rundgren
WebPKI.org
Received on Tuesday, 3 February 2015 09:03:00 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:58:47 UTC