- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Tue, 30 Oct 2012 17:57:17 +0100
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
http://www.w3.org/2012/webcrypto/WebCryptoAPI/#out-of-band-keys "...User agents may choose to expose such keys to web applications after implementing appropriate security and privacy mitigations, such as gaining user consent or other out-of-band authorization..." Every UA-maker will (have to) make their own interpretation on what is appropriate since "appropriate" is pretty subjective. The "Korean use-case" is stone-dead. Anders
Received on Tuesday, 30 October 2012 16:58:09 UTC