Re: OASIS - PKCS #11 Standards Effort

On 2013-05-18 17:17, Jeffrey Walton wrote:
> On Sat, May 18, 2013 at 1:31 AM, Anders Rundgren
> <> wrote:
>> "...We'll also be considering requirements brought on by mobile devices,
>>  cloud computing and virtualization architectures, Web sensors, and
>> contactless payment technologies,"

> ?

Yes, if the PKCS #11 TC actually took on this path they would create a monster
specification that would be impossible to verify the interoperability of.
Getting the prerequisite (it is in the Google Wallet) "Secure Messaging"
into the specification would probably stall the TC close to indefinitely.

The FIDO alliance which Google has taken a board seat in is effectively on
the same "Highway to Hell".  If you researched which PC-peripherals that defy
the plug'n'play concept most, I pretty sure that tokens would come out as #1.
Not even an awesome company like Google can make pigs fly.  There's a reason
why 300 million+ EMV chip-cards didn't made it to the web and never will;
they weren't designed for the web.


Received on Sunday, 19 May 2013 10:01:13 UTC