- From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
- Date: Mon, 05 Jun 2017 14:10:57 +0000
- To: public-web-nfc@w3.org
@zolkis wrote: > So you want to include a page id (origin/hash etc) in a read-only tag that guarantees integrity, so that any app can be sure the tag is associated with the given origin. Essentially that is it. > However, it is still vulnerable to MitM and replay attacks. Would it be possible describing a MitM attack? Replay is thwarted at the application level using one-time challenges that are invalidated after being used. > OOB channels are possible with devices, but not with tags Right. See updated use case: https://github.com/w3c/web-nfc/issues/128#issuecomment-306182806 -- GitHub Notification of comment by cyberphone Please view or discuss this issue at https://github.com/w3c/web-nfc/issues/128#issuecomment-306197277 using your GitHub account
Received on Monday, 5 June 2017 14:11:03 UTC