- From: Siva Narendra <siva@tyfone.com>
- Date: Fri, 20 Mar 2015 09:58:10 -0700
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: "public-web-security@w3.org" <public-web-security@w3.org>
Received on Friday, 20 March 2015 16:58:57 UTC
I think this discussion needs to be led by the browser developers and them come to a conclusion on what they want to do. In my opinion, rest of the community talking about it will continue to be futile. -Siva *--* *Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore | Taipeiwww.tyfone.com <http://www.tyfone.com>* *Voice: +1.661.412.2233* On Thu, Mar 19, 2015 at 11:35 PM, Anders Rundgren < anders.rundgren.net@gmail.com> wrote: > Since these discussions seem to end-up in veritable "flame-wars", without > any technical substance whatsoever, I suggest that we try (to the best of > our ability...), to take one issue at a time and see where that leads us. > I'm counting on Virginie collecting and monitoring the issues. > > May I start with one issue? > > "Dealing with different security hardware" > > There are many types of Security HW and systems. Their interfaces are > ranging from low-level ISO 7816 APDUs to high-level TEE schemes[1,2] where > the input may be a transaction request and the output a transaction > response while device I/O is taken over by the TEE. > > Question: How is this variation supposed to be dealt with? > > Cheers, > Anders > > 1] http://www.globalplatform.org/specificationsdevice.asp > 2] http://ipt.intel.com/Libraries/Documents/Technology_Overview_-_Intel% > C2%AE_Identity_Protection_Technology_with_PKI.pdf > >
Received on Friday, 20 March 2015 16:58:57 UTC