Re: UseCase : Strong Personal Identity Certificate by CA

On 2012-08-13 07:46, Mountie Lee wrote:
> I think following use case can be considered.
> 
> CA issues strong personal identity certificates.
> it can be equivalent level to EVSSL on server side.
> 
> current personal certificate issued by CA is just checking email validity.
> 
> if web crypto API is widely accepted in major user agents
> certificate in user agents will have more functionality by using API.
> 
> as a CA, they can consider to issue new type of certificate with strong personal identity validation.

Hi Mountie,

Certificate provisioning is AFAIK outside of WebCrypto scope.

Banks and government agencies in the EU currently deploy their own software for provisioning since none of the user agents out there support provisioning of two-factor (key + PIN) authentication tokens [1].

Well, this wasn't entirely correct.  When there is a *business incentive* to support provisioning of two-factor tokens, it is (of course) honored:
http://googlecommerce.blogspot.co.uk/2012/08/use-any-credit-or-debit-card-with.html

Regards,
Anders

1] If you only need a client certificate and HTTPS you can use existing schemes like <keygen> and "CertEnroll".

> 
> regards
> mountie.
> 
> =======================================
> PayGate Inc.
> THE STANDARD FOR ONLINE PAYMENT
> for Korea, Japan, China, and the World
> 
> 
> 
> 

Received on Monday, 13 August 2012 07:35:47 UTC