- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Tue, 14 Aug 2012 21:37:59 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
I'm thinking of a solution where an X.509 certificate (provisioned in an arbitrary way), is fitted with an extension holding a set of legitimate RP domains. The purpose is to limit involuntary exposure of privacy-impeding information like SSNs or account numbers. Using my terminology, this extension would be honored by credential filtering processes. BTW, if a key-store is architected like SKS, the extension would also be applicable to symmetric keys. Anders
Received on Tuesday, 14 August 2012 19:38:29 UTC