Re: Need for Smart Card support

On Mon, Jun 11, 2012 at 6:13 PM, Ryan Sleevi <sleevi@google.com> wrote:
>
> As I see it, there's two parts of the API needed:
> 1) An intent, by the web site, to indicate interest in keys matching certain
> criteria
> 2) A confirmation, by a user, that the web site is authorized for such keys.
>
> A very, very bad pseudo-API that I haven't thought through entirely, and is
> effectively something very similar to the MediaQueryList interface [1].
>
> interface KeyQueryCriteria {
>
> // Some sort of criteria such as algorithm, mode, id, etc
> // It may even indicate keys that are bound to certificates, where the
> certificate meets some criteria (eg: as is done in SSL/TLS client auth and
> for document signatures)
>
> // Multiple criteria are ANDed together. OR is handled by creating multiple
> listeners. NOT is not supported?
>
> }
>
> interface KeyQueryList {
>
> readonly attribute KeyQueryCriteria criteria[];
>
> void addListener(KeyQueryListListener listener);
>
> void removeListener(KeyQueryListListener listener);
>
> }
>
> [Callback, NoInterfaceObject]
> interface KeyQueryListListener {
>
> void onKeyAdded(KeyQueryList kql, KeyID keyId);
>
> void onKeyRemoved(KeyQueryList kql, KeyID keyId);
>
> }
>
> A web site may use this by doing something like:
>
> var kql = window.crypto.queryKey([Some, Criteria, Here]);
> kql.addListener({
>   onKeyAdded: function(query, keyId) {
>   },
>   onKeyRemoved: function(query, keyId) {
>   }
> );
>
> KeyID may be a string identifier or may be a handle to an existing key
> (whatever is appropriate, I'm not sure).

This kind of API can be very useful for handling smart cards.  Here is
Mozilla's offering in this area:
https://developer.mozilla.org/en/JavaScript_crypto#Handling_smart_card_events
http://html5.creation.net/webcrypto-api/#enablesmartcardevents-attribute

Wan-Teh

Received on Tuesday, 12 June 2012 22:15:54 UTC