- From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- Date: Wed, 19 Sep 2012 17:38:51 +0200
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <076ED1F6CB375B4BB5CAE7873691360703B51EB41953@CROEXCFWP04.gemalto.com>
FYI telecom security world, gathered in 3GPP, is now aware of the Web Crypto API. Regards, Virginie From: Pauliac Mireille Sent: mercredi 19 septembre 2012 17:09 To: 3GPP_TSG_SA_WG3@LIST.ETSI.ORG Cc: GALINDO Virginie Subject: Usage of GBA from the browser Dear SA3, In relation with current SA3 work on "Security enhancements for usage of GBA from the browser" (TR 33.823), please note that the W3C Web Crypto API is now available for public comments under http://www.w3.org/TR/WebCryptoAPI/ . The objective of this web crypto API is to allow a web app running in a browser to generate a key and use it to perform basic crypto operations. Keys created can be either permanent or temporarily. This API is agnostic in terms of support for cryptographic operations, which means that to implement it, the browser can use any technology, including Secure Element (e.g. UICC). We share with SA3 this specification since, as mentioned during Bratislava meeting, this WG has been facing the same issues we had to address, including the key handling. The status of a Public Working draft allows W3C to collect comments from the industry before progressing on open issues, as such the spec should be perceived as 70% stable. The specification should be finalized in Q2 2013. FYI, archives about this Working Group are available here http://www.w3.org/2012/webcrypto/ and main contributors to this specification are indicated here https://www.w3.org/2000/09/dbwg/details?group=54174&public=1 Best Regards, Mireille
Received on Wednesday, 19 September 2012 15:39:21 UTC