- From: Ryan Sleevi <sleevi@google.com>
- Date: Thu, 9 Aug 2012 10:35:07 -0700
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
On Tue, Aug 7, 2012 at 2:51 AM, Anders Rundgren <anders.rundgren@telia.com> wrote: > That is, you must be able to specify PINs including error-count for created keys in order to address banking. > PINs may also be use-set but matching a bank--defined policy. > > Anders > Hi Anders, As discussed previously, smart-card specific usages, such as pin specification, are out of scope. This also fits into the smart card provisioning scenario, which is also out of scope for the current efforts. However, thank you for your input into the general problems that would be faced if they were in scope. Please note that we're not necessarily trying to map an existing application 1:1 onto this API, but moreso to enable a class of applications. As such, while I realize that some applications may desire pin specific features, not all applications, including banking applications, fundamentally require them, thus they can still enable a rich experience even with 'only' the currently specced work. Regards, Ryan
Received on Thursday, 9 August 2012 17:35:35 UTC