- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 20 Mar 2015 07:35:10 +0100
- To: "public-web-security@w3.org" <public-web-security@w3.org>
Since these discussions seem to end-up in veritable "flame-wars", without any technical substance whatsoever, I suggest that we try (to the best of our ability...), to take one issue at a time and see where that leads us. I'm counting on Virginie collecting and monitoring the issues. May I start with one issue? "Dealing with different security hardware" There are many types of Security HW and systems. Their interfaces are ranging from low-level ISO 7816 APDUs to high-level TEE schemes[1,2] where the input may be a transaction request and the output a transaction response while device I/O is taken over by the TEE. Question: How is this variation supposed to be dealt with? Cheers, Anders 1] http://www.globalplatform.org/specificationsdevice.asp 2] http://ipt.intel.com/Libraries/Documents/Technology_Overview_-_Intel%C2%AE_Identity_Protection_Technology_with_PKI.pdf
Received on Friday, 20 March 2015 06:36:04 UTC