- From: David Dahl <ddahl@mozilla.com>
- Date: Mon, 6 Jun 2011 09:41:15 -0700 (PDT)
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: public-web-security@w3.org, "Richard L. Barnes" <rbarnes@bbn.com>
----- Original Message ----- From: "Anders Rundgren" <anders.rundgren@telia.com> To: "Richard L. Barnes" <rbarnes@bbn.com> Cc: "David Dahl" <ddahl@mozilla.com>, public-web-security@w3.org Sent: Monday, June 6, 2011 11:16:03 AM Subject: Smart Card support. Re: Request for feedback: DOMCrypt API proposal > Although I'm not a DOMCrypt champion, I think this is where DOMCrypt shouldn't go. PKCS #11 and Smart Cards are very complex and unsuitable for web programming. The biggest smart card maker Gemalto launched a web-interface for smart cards a few years back called SCConnect. Smart card support is on the 'back burner' for sure, however, I have gotten a lot of questions about how there can be a collaboration on smart card and 'crypto key' usage w/ DOMCrypt. > http://www.smartcardalliance.org/articles/2007/11/13/gemalto-receives-best-software-sesames-award-with-sconnect > Just to make things even more fun, both myself and Microsoft are working with new smart card interfaces to the web. MSFT's is currently secret but mine is not: > http://webpki.org/auth-token-4-the-cloud.html I will keep all of these links for further reading > I have taken this idea a bit further and thus mandate a specific "Web Token" architecture. Sounds good. I'll be watching your project. Cheers, David
Received on Monday, 6 June 2011 16:41:44 UTC