RE: RSA blind signatures II

Hi Stefan,

Thanks for coming back to us about the use case of RSA blind signature. 
The WG will discuss if we want or not to address it as a use case. 
The bigint topic will also be discussed, as a separate item. 

Chair of the Web Crypto WG

-----Original Message-----
From: Stefan Xenon [] 
Sent: lundi 21 janvier 2013 15:41
Subject: RSA blind signatures II

My question in November/December on RSA blind signatures turned into a discussion about Big Integer. I feel that  within the discussion my initial point got lost. But also nobody rejected the idea to include blind signatures within the Web Crypto API (I'm *not* asking for a general Big Integer API). This is why I would like to underline the idea with a few use cases. Chaum-based digital cash systems (e.g. opencoin) use tokens to represent values. The user's wallet would be implemented as a client-side JavaScript application to store the digital tokens locally and not to expose them to (potentially insecure/untrusted) servers. The system works without any account on a central server and could store the tokens in the client exclusively. The wallet is used to manage the tokens. This includes to top-up the pre-paid value in the wallet or to deposit the amount to a bank account (which would not be part of the very system). The wallet can be used to pay purchases done in online shops directly within the webbrowser without the need for an external application. The wallet could also transfer coins in a peer-to-peer manner via WebRTC, webmail or other interfaces. Mobile apps could be used to pay purchases during real physical shopping. All we would need (for performance reasons) is RSA blind signatures being supported by the Web Crypto API. Please let me know what you think.


Received on Tuesday, 22 January 2013 08:58:03 UTC