- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sat, 28 Dec 2013 07:46:56 +0100
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
For those who think U2F is something completely different the following lines from an early (still public...) specification
https://docs.google.com/presentation/d/16mB3Nptab1i4-IlFbn6vfkWYk-ozN6j3-fr7JL8XVyA/edit?pli=1#slide=id.g19c09a112_2_88
Direct Access from Browser:
No client middleware to install
Simple Javascript API: 'Create Key Pair' and 'Sign'
Not just tied to login! Use anytime you want to strongly verify user.
should be an eye-opener.
On 2013-12-19 05:04, Anders Rundgren wrote:
> Gentlemen,
>
> AFAICT, there's a considerable overlap between WebCrypto.Next
> http://www.w3.org/2012/webcrypto/wiki/WG_Future_Work
> and U2F. At least for the stuff that relates to user keys and tokens.
>
> It seems like an awful waste of precious cycles developing additional specifications
> if two of the most prominent parties have already decided to do something else.
>
> Would it be possible getting some kind of position on this?
>
> Thanx,
> Anders
>
> http://www.forbes.com/sites/amadoudiallo/2013/11/30/google-wants-to-make-your-passwords-obsolete/
>
> http://fidoalliance.org/news/MicrosoftAnnounce.pdf
>
Received on Saturday, 28 December 2013 06:47:32 UTC