W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2015

Re: The futile war between Native and Web

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Mon, 16 Feb 2015 08:09:02 +0100
Message-ID: <54E1978E.5000708@gmail.com>
To: Florian Bösch <pyalot@gmail.com>, noloader@gmail.com
CC: public-webapps WG <public-webapps@w3.org>
On 2015-02-16 07:48, Florian Bösch wrote:
> On Sun, Feb 15, 2015 at 10:59 PM, Jeffrey Walton <noloader@gmail.com <mailto:noloader@gmail.com>> wrote:
>     For the second point, and as a security architect, I regularly reject
>     browser-based apps that operate on medium and high value data because
>     we can't place the security controls needed to handle the data. The
>     browser based apps are fine for low value data.
> I'm not sure what "high value data" is. But I'm fairly sure that just about any e-banking solution in existence is browser based.

Unfortunately this is wrong and is why I started this thread. Mobile banking applications in Europe are usually featured as "Apps".
This has multiple reasons; one is that there's no way to deal with client-side PKI and secure key storage in the mobile web.

> So I'm guessing your definition of "high value data" doesn't include banking access. You work for the NSA? Oh snap, the high value data just walked out there on a USB stick.


Received on Monday, 16 February 2015 07:09:47 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:14:43 UTC