- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Fri, 14 Jun 2013 06:30:17 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Hi Guys, I minted the term Web Token years ago when I started the SKS/KeyGen2 project. Few have though expressed any enthusiasm over the idea of a web-adapted smart card. Now this has changed forever because Google has silently been working on a similar concept! You know, if it comes from Google it must be good :-) Even Microsoft who provided me with this information (!) seems quite interested... https://sites.google.com/site/oauthgoog/gnubby Although technically rather different to SKS/KeyGen2, on an "executive level" they are close to identical, i.e. a token that can be provisioned from a standard (enhanced) web browser rather than through a CMS (Card Management System), as well as being able to keep keys from many and unrelated parties. Regards, Anders Needless to say it makes Google's resistance to smart card support in Web Crypto more understandable since they already have it but for their particular flavor of smart cards. The protocol looks very much like Web Crypto + JOSE.
Received on Friday, 14 June 2013 04:30:50 UTC