- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 31 Oct 2014 08:42:53 +0100
- To: "public-web-security@w3.org" <public-web-security@w3.org>
On a 50000 ft altitude installable secure web applications sounds like a cool idea. If you OTOH look at the current landscape for security applications like mobile banking they are to 99% built on "App" technology rather than the web. IMO, this won't change because app-environments like Android and iOS are developed at a much higher speed than the web. Spending EONs of time creating standardized installable security-oriented web-apps and associated APIs is therefore only a waste of time. The makers of "WebOSes" like Mozilla and Tizen probably gain more by creating proprietary "web-APIs". A generic TEE interface which has been suggested by GlobalPlatform is an example of a thing that would fit the description above. That does [absolutely] not mean that all is doom and gloom, it only means that future W3C work like WebCrypto.Next should continue building on the "open web" and leave stuff needing app-stores, user installations and vetting to the OS-vendors to cater for. They already do that with for example Apple Pay, Google Wallet and the Mozilla SE-API. Just my 2 öres (nowadays 2 centimes). - Anders
Received on Friday, 31 October 2014 07:43:39 UTC