- From: Colin Gallagher <colingallagher.rpcv@gmail.com>
- Date: Mon, 25 Apr 2016 20:11:10 -0700
- To: GALINDO Virginie <Virginie.Galindo@gemalto.com>
- Cc: "public-web-security@w3.org" <public-web-security@w3.org>
- Message-ID: <CABghAMhXaZV3GMb-623D=fvdhKa3iMejMeon077Apd1k-VxFZg@mail.gmail.com>
What is presently the status of the Web Crypto Next charter(ing)? (ref.: https://www.w3.org/2012/webcrypto/webcrypto-next-workshop/report.html ) On Wed, Feb 18, 2015 at 4:41 AM, GALINDO Virginie < Virginie.Galindo@gemalto.com> wrote: > Dear all, > > (web security chair hat on) > > a lots of interesting and very diverse conversation going on here. I just > would like to remind the segmentation of topics and ownership in W3C in > ordre to help people to send their use cases, contributions and thoughts to > the appropriate location : > > - Web Crypto next charter > The charter will include anything related to cryptographic operation. At > the moment, the WG targets the maintenance of the specification to include > new algorithms (aka new curve familly). The group is currently discussing > the gemalto proposal for certificate management, integrating the usage of > hardware token for cryptographic operation, with no consensus on that > matter. if you are willing to support one of those topic, please speak on > the public-webcrypto mailing list [1]. > > - FIDO Alliance and authentication service > The topic of authentication is currenlty owned and discussed by FIDO > Alliance. the level of service expected there is about enrollement and > authentication opertaions. That technology is backed by a strong strategy > by Microsoft and Google. I suggest we let FIDO Alliance decide when they > are ready to input to W3C their contribution in terms which are compliant > with W3C IP policy. > > - Web Payment services > That topic is discussed in the Web Payment Interest group, whihc is > currently gathering use cases. There are no technical requirements, no > technical proposal endorsed in the IG as of today. It may happen that the > Web Payment IG ends with that kind of consensual requirements. I can only > encourage people interested in payment to join the IG or at least monitor > their deliverables [2]. > > - Any service accessing secure element > That topic will not be adressed in the Web Crypto next charter, it has > been rejected by main browser makers attending that WG. The way to go on > the discussion could be either to create a W3C community group, it is very > light and easy to manage and join. But there is another possibility : from > what I see, GlobalPlatform is willing to host the discussion in ordre to > allow all players to design a flexible technical solution, allowing browser > to integrate in a flexible way any services using hardware token. GP will > soon open a public working group, with an IP policy compliant with W3C one, > to discuss that. > > Again, that mail is not to prevent you to share here your ideas and > comments, but gives you guideline to make sure your are heard in the > appropriate group(s). > > Regards, > Virginie > chair of the Web Security IG > > > [1] https://lists.w3.org/Archives/Public/public-webcrypto/ > [2] http://www.w3.org/Payments/IG/ > ------------------------------ > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus. > ------------------------------ > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus >
Received on Tuesday, 26 April 2016 03:12:14 UTC