- From: Martin Paljak <Martin.Paljak@ria.ee>
- Date: Mon, 16 Mar 2015 10:07:59 +0000
- To: GALINDO Virginie <Virginie.Galindo@gemalto.com>, Wendy Seltzer <wseltzer@w3.org>, Siva Narendra <siva@tyfone.com>, Harry Halpin <hhalpin@w3.org>
- CC: "public-web-security@w3.org" <public-web-security@w3.org>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>, Charles Engelke <w3c@engelke.com>
Hello, It is obvious to me, that in the current framework of WebCryptoAPI there is no room for smart card backed keys in a useful form, in reasonable timeframe. So instead of trying to fit into the framework where it does not want to fit, I set out to make a separate API to the existing solutions (plugins, extensions, localhost services) that bridge the gap between websites and platform-provided keys. This is an API that "looks lik" WebCrypto, to the extent that it hooks itself to window.hwcrypto (maybe it should be window.platformcrypto to make the point clear?) The targets should describe themselves: https://github.com/open-eid/js-token-signing/wiki And the initial "specification" is very simple and straightforward, but does the job and is probably re-usable across EU, at least. There is a set of requirements for the native code components, that are not yet published properly, but shall be appendix for the specificaiton, something we did while implementing the Chrome extension native components: https://github.com/open-eid/chrome-token-signing/wiki Any kind of feedback is highly appreciated. Martin
Received on Monday, 16 March 2015 10:08:27 UTC