- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Mon, 02 Jul 2012 10:13:39 +0200
- To: public-webcrypto-comments@w3.org, samuel.erdtman@nexussafe.com
Received on Monday, 2 July 2012 08:14:17 UTC
Hi Samuel, I think most the stuff you write about is out-of-scope for the WebCrypto WG. I don't think that you actually can build applications that mimic the Nexus "Personal" product based on /transient downloaded code/ running in a browser window. Wan-Teh's signature write-up is though an exception since it is really a complete application: http://lists.w3.org/Archives/Public/public-webcrypto/2012Jun/0037.html I have earlier developed a more advanced version of a Web Signature proposal: http://webpki.org/papers/wasp/wasp-tutorial.pdf http://code.google.com/p/openkeystore/source/browse/trunk/library/src/org/webpki/wasp/wasp-core.xsd I'm (nowadays) mainly interested in Certificate Enrollment since the schemes supported by the current platforms are (as I have been banging on peoples' heads about for/years/) essentially inadequate, /in addition to being all-over-the map/. The PIN you are mentioning in your use-case is often not even supported by the underlying crypto system like the NSS "SoftToken". Best regards Anders Rundgren User of Nexus personal, Vendor to BankID, and PKI/Web Technologist.
Received on Monday, 2 July 2012 08:14:17 UTC