- From: Arun Ranganathan <arun@mozilla.com>
- Date: Tue, 7 May 2013 15:08:09 -0400
- To: Nick Van den Bleeken <Nick.Van.den.Bleeken@inventivegroup.com>
- Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>

Nick,

On Apr 24, 2013, at 12:44 PM, Nick Van den Bleeken wrote:

> Get access to government applications that require authentication based on your real identity using your eID card (e.g.: to fill in taxes, retrieve birth certificate, ...). Including the option to sign out.
>
> Requirements:
> * Identify an appropriate key (issued by the government) -> query facility
> * Export the certificate, including its certificate chain (the website has to validate that the public key was issued by the government)
> * Use the private key to perform basic cryptographic operations

Looks like Ryan's already asked the questions I had. IF the answer is that arbitrary origins that cannot enter into a "code agreement" (caller/callee) drive this use case, then I'm not sure we're working on technology that can cater to this use case.

I do think that a subset of this use case can be achieved with a cross-origin model, which is why I think it may be one of our more compelling use cases (and I'm optimistic we'll have a "flagship" cross-origin use case that illustrates what can be done outside origin-restricted use of this API).

In general, I'll create a "documented for posterity" section in the use cases document, provided we make it clear that we're not pursuing a solution to those use cases within our API.

-- A*

Received on Tuesday, 7 May 2013 19:08:44 UTC