- From: Ryan Sleevi <sleevi@google.com>
- Date: Mon, 6 Aug 2012 09:04:01 -0700
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
On Mon, Aug 6, 2012 at 3:25 AM, Anders Rundgren <anders.rundgren@telia.com> wrote: > I believe the [correct] conclusions made by Ryan in > http://lists.w3.org/Archives/Public/public-webcrypto/2012Aug/0020.html > verifies my claim that WebCrypto doesn't address on-line bank-applications since the fairly few that depend on client-side Public Key technology, currently do this through pre-provisioned or on-line provisioned X.509 certificates. This restriction is also valid for a pretty large number of other applications including e-government solutions. > > IMHO, it would be silly adding client-certificate support to WebCrypto without adding on-line provisioning as well. However, that would also raise the techno-political bar to a new height, potentially blocking the entire mission. > I.e. the right action ought to be that client-certificates are moved to a specific WG. > > Related: > http://datatracker.ietf.org/doc/draft-ietf-pkix-est <http://datatracker.ietf.org/doc/draft-ietf-pkix-est/> > > Thanx, > Anders > > Hi Anders, I feel you may be misinterpreting my intentions. I certainly consider client certificates to be a very interesting and important use case, and certainly within the scope of our charter (http://www.w3.org/2011/11/webcryptography-charter.html - Secondary API features - "with a focus enabling the selection of certificates for signing and encryption") My goal with this ISSUE, and my comments about omitting from the FPWD, were merely to scope our effort for the next month. I think it would be very useful to include, but before we go down that route, I want to make sure we're able to address primary features first. Regards, Ryan
Received on Monday, 6 August 2012 16:04:34 UTC