W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2015

WebPortable/PlatformProprietary - An Established Concept

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Thu, 19 Feb 2015 15:35:14 +0100
Message-ID: <54E5F4A2.5000501@gmail.com>
To: public-webapps <public-webapps@w3.org>
HTTPS Client Certificate Authentication is supported by all browsers since almost 20 years back.
It exposes a fully standardized interface to Web Applications which simply is an URL.
In spite of that it is entirely proprietary with respect to integration in the browser platform
with implementations based on PKCS #11, CryptoAPI, JCE, .NET, NSS as well as working with a
huge range of secure key-containers like SIM, PIV, TEE, TPM, "Soft Keys".  This side of the
coin has not been standardized since it [provably] wasn't needed.

In: https://lists.w3.org/Archives/Public/public-webcrypto-comments/2015Jan/0000.html
Google's Ryan Sleevy writes:
    What you're looking for is
http://blog.chromium.org/2013/10/connecting-chrome-apps-and-extensions.html

This scheme could (after "Polishing" + W3C Standardization), without doubt support the same
powerful paradigm as HTTPS Client Certificate Authentication (WebPortable/PlatformProprietary),
for virtually any security application you could think of.

Cheers,
Anders
Received on Thursday, 19 February 2015 14:35:45 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:27:25 UTC