- From: Samuel Erdtman <samuel.erdtman@nexussafe.com>
- Date: Wed, 4 Jul 2012 05:49:02 +0000
- To: Anders Rundgren <anders.rundgren@telia.com>, "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
- Message-ID: <3DD56FC8ED0E1B4A95031DA177B50F4A67BBF349@MarvMailDB.technxs.com>
Hi Anders, Thanks for the comments, I´ll try to explain how I was thinking. I´m not aiming to build a complete replica of Nexus Personal, what I´m mainly looking for is a common way to access a crypto provider from the browser, and then register e.g. Nexus Personal as a crypto provider to give access to smart cards. This summarizes most of the use-cases that I sent in. I think that Wan-Teh's signature write-up (http://lists.w3.org/Archives/Public/public-webcrypto/2012Jun/0007.html) is a subset of mine. Mine is just a more generalized description of the need for smart-card support, but with a more specific technical description. Further I wanted to put soma extra focus on signatures in the Web Crypto API which currently have very few use-cases on signing (http://www.w3.org/2012/webcrypto/wiki/Use_Cases). In the cases where PIN is not supported by the a SoftToken I would imagine the crypto provider either just blindly accepting the request signing it or provide the user with a dialog to accept signing operation. Cheers Samuel Erdtman | Developer Nexus Group | www.nexussafe.com<http://www.nexussafe.com/> ________________________________ From: Anders Rundgren [anders.rundgren@telia.com] Sent: Monday, July 02, 2012 10:13 To: public-webcrypto-comments@w3.org; Samuel Erdtman Subject: Re: Technology Nexus Web Cryptography API use-cases Hi Samuel, I think most the stuff you write about is out-of-scope for the WebCrypto WG. I don't think that you actually can build applications that mimic the Nexus "Personal" product based on transient downloaded code running in a browser window. Wan-Teh's signature write-up is though an exception since it is really a complete application: http://lists.w3.org/Archives/Public/public-webcrypto/2012Jun/0037.html I have earlier developed a more advanced version of a Web Signature proposal: http://webpki.org/papers/wasp/wasp-tutorial.pdf http://code.google.com/p/openkeystore/source/browse/trunk/library/src/org/webpki/wasp/wasp-core.xsd I'm (nowadays) mainly interested in Certificate Enrollment since the schemes supported by the current platforms are (as I have been banging on peoples' heads about for years) essentially inadequate, in addition to being all-over-the map. The PIN you are mentioning in your use-case is often not even supported by the underlying crypto system like the NSS "SoftToken". Best regards Anders Rundgren User of Nexus personal, Vendor to BankID, and PKI/Web Technologist.
Received on Wednesday, 4 July 2012 05:45:46 UTC