- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Tue, 17 Dec 2013 07:07:27 +0100
- To: Web Payments CG <public-webpayments@w3.org>
> On 12/12/2013 10:54 AM, Anders Rundgren wrote: > > http://fidoalliance.org/news/MicrosoftAnnounce.pdf > > > > FIDO = U2F > > > > "Microsoft joining Fido Alliance's Board is a key milestone to > > reaching the post UN/PW Authentication era of strong > > Authentication," said Sami Nassar vice president & general manager > > Authentication, NXP Semiconductors. > > > > Stubborn as I am, I will continue my SKS/KeyGen2 effort until the > > U2F spec is public. After that I will decide if there's anything > > left to do... > > Any idea when they are planning to make their specs public, Anders? > There could be overlap with the Web Identity spec that this group is > working on, but it's hard to tell from the content on the website. > > -- manu No, I don't. They are currently field-testing U2F and I'm sure there were some tweaks :-) Regarding overlaps with other standards, there's already a fundamental clash with WebCrypto's "Future Work". Personally, I'm pretty sure Google and Microsoft won't support *any* of the current "Future Work" items. Memory is short within SDOs: http://www.w3.org/TR/xhtml2/ It actually goes further, W3C's SysApps group is tinkering with an SE (Security Element) API. U2F (FIDO) is a simpler solution that also address crypto on a level which developers know, while the SE API builds on the ISO-7816 API which makes development of new services extremely complex. U2F was designed for the web; ISO-7816 was invented before the web even existed! Anders
Received on Tuesday, 17 December 2013 06:08:09 UTC