- From: Christiansen, Kenneth R <kenneth.r.christiansen@intel.com>
- Date: Tue, 24 Nov 2015 11:59:12 +0000
- To: Anders Rundgren <anders.rundgren.net@gmail.com>, "Web NFC (W3C)" <public-web-nfc@w3.org>
Hi there, I donĀ“t exactly follow you here. Could you explain in more details. You have a passive tag with holds the key and the page reads that to somehow authenticate? What is it that you want exposed to the passive tag - it is passive after all, - or are you thinking about peer to peer (unlock with phone?) It sounds like this might be a usecase for FIDO: https://fidoalliance.org/fido-alliance-announces-fido-authentication-poised-for-continued-growth-as-alliance-submits-fido-2-0-web-api-to-w3c/ Kenneth > -----Original Message----- > From: Anders Rundgren [mailto:anders.rundgren.net@gmail.com] > Sent: Sunday, November 22, 2015 7:25 AM > To: Web NFC (W3C) > Subject: Web NFC Security Context? > > Hi Guys, > I have only skimmed the specification so I may surely have missed > something... > > If you use NFC for things like authentication on Web where a connecting > device holds a key, you want such solutions to be "phish-free". AFAIK, this > requires that the security context of the requesting Web-page is available to > the connecting device. > > Is it? > > Cheers, > Anders
Received on Tuesday, 24 November 2015 11:59:56 UTC