RE: Technology Nexus Web Cryptography API use-cases

Hi Anders,

Thanks for the comments, Ill try to explain how I was thinking.

Im not aiming to build a complete replica of Nexus Personal, what Im mainly looking for is a common way to access a crypto provider from the browser, and then register e.g. Nexus Personal as a crypto provider to give access to smart cards. This summarizes most of the use-cases that I sent in.

I think that Wan-Teh's signature write-up ( is a subset of mine. Mine is just a more generalized description of the need for smart-card support, but with a more specific technical description.

Further I wanted to put soma extra focus on signatures in the Web Crypto API which currently have very few use-cases on signing (

In the cases where PIN is not supported by the a SoftToken I would imagine the crypto provider either just blindly accepting the request signing it or provide the user with a dialog to accept signing operation.


Samuel Erdtman  |  Developer
Nexus Group  |<>
From: Anders Rundgren []
Sent: Monday, July 02, 2012 10:13
To:; Samuel Erdtman
Subject: Re: Technology Nexus Web Cryptography API use-cases

Hi Samuel,
I think most the stuff you write about is out-of-scope for the WebCrypto WG.

I don't think that you actually can build applications that mimic the Nexus "Personal" product based on transient downloaded code running in a browser window.

Wan-Teh's signature write-up is though an exception since it is really a complete application:

I have earlier developed a more advanced version of a Web Signature proposal:

I'm (nowadays) mainly interested in Certificate Enrollment since the schemes supported by the current platforms are (as I have been banging on peoples' heads about for years) essentially inadequate, in addition to being all-over-the map.  The PIN you are mentioning in your use-case is often not even supported by the underlying crypto system like the NSS "SoftToken".

Best regards
Anders Rundgren
User of Nexus personal, Vendor to BankID, and PKI/Web Technologist.

Received on Wednesday, 4 July 2012 05:45:46 UTC