- From: Harry Halpin <hhalpin@w3.org>
- Date: Mon, 04 Mar 2013 13:04:05 +0100
- To: Aymeric Vitte <vitteaymeric@gmail.com>
- CC: Nick Van den Bleeken <Nick.Van.den.Bleeken@inventivegroup.com>, Mountie Lee <mountie.lee@mw2.or.kr>, public-webcrypto-comments@w3.org
- Message-ID: <51348DB5.30303@w3.org>
On 03/04/2013 12:02 PM, Aymeric Vitte wrote: > Me too, as well as working on TLS and exposing certificates specs. > > Maybe take a look here : https://github.com/Ayms/abstract-tls which is > an adaptation of https://github.com/digitalbazaar/forge that I am > currently modifying and integrating, this could be helpfull to start > building the certificates and TLS models (still easier to start from > something working and well documented like forge with interesting > concepts like the abstract notions, and to modify it than starting > from scratch). I agree certificate/TLS binding work makes sense in a separate spec. Right now this is in secondary scope, so until we get answers on the primary scope issues, we likely won't make this a deliverable - particularly if vendors aren't interested in implementing this now. However, even if it doesn't, there's always the ability to charter another Working Group as needed. Keep in mind these features from the charter: "control of TLS session login/logout, derivation of keys from TLS sessions" as well as "the lifecycle control of credentials such enrollment, selection, and revocation of credentials with a focus enabling the selection of certificates for signing and encryption" [1]. Also, when writing the spec try to determine if you could use the low-level API to build what parts, and what other parts would need some level of access to browser internals. Some features could be done in a library on top of the Crypto API I hope. [1] http://www.w3.org/2011/11/webcryptography-charter.html > > Regards, > > Aymeric > > > Le 04/03/2013 08:44, Nick Van den Bleeken a écrit : >> Mountie, >> >> That's good news. We are also interested in an API that allows us to >> retrieve the certificate and its certificate chain of pre-provisioned >> cryptographic keys. >> >> If I can help in any way, please let me know (review early documents, >> do some early prototyping, …). >> >> Kind regards, >> >> Nick Van den Bleeken >> >> On 04 Mar 2013, at 03:10, Mountie Lee <mountie.lee@mw2.or.kr >> <mailto:mountie.lee@mw2.or.kr>> >> wrote: >> >>> Hi. >>> >>> currently certificate related issues are belong to secondary >>> features of API and becoming pending. >>> >>> but the editor has more focus on primary feature and high level API. >>> >>> let me contribute a draft for certificate management that will be >>> different document and can be reviewed by WG members later. >>> >>> still some WG members want features of certificate. >>> >>> the milestones and schedules are not yet prepared. >>> after discussing with more participants, I will inform to WG again. >>> >>> regards >>> >>> -- >>> Mountie Lee >>> >>> PayGate >>> CTO, CISSP >>> Tel : +82 2 2140 2700 >>> E-Mail : mountie@paygate.net <mailto:mountie@paygate.net> >>> ======================================= >>> PayGate Inc. >>> THE STANDARD FOR ONLINE PAYMENT >>> for Korea, Japan, China, and the World >>> >>> >> >> >> ------------------------------------------------------------------------ >> >> Inventive Designers' Email Disclaimer: >> http://www.inventivedesigners.com/email-disclaimer > > -- > jCore > Email :avitte@jcore.fr > iAnonym :http://www.ianonym.com > node-Tor :https://www.github.com/Ayms/node-Tor > GitHub :https://www.github.com/Ayms > Web :www.jcore.fr > Webble :www.webble.it > Extract Widget Mobile :www.extractwidget.com > BlimpMe! :www.blimpme.com
Received on Monday, 4 March 2013 12:04:25 UTC