W3C home > Mailing lists > Public > public-webpayments@w3.org > August 2014

W3C WebCrypto.Next Conference

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Mon, 11 Aug 2014 08:53:50 +0200
Message-ID: <53E8687E.5090001@gmail.com>
To: Web Payments CG <public-webpayments@w3.org>

I hope to go (my position two papers were accepted) but I'm rather uncertain
that the outcome actually will very clear since there are two fundamentally
different approaches:
- Evolution: Adopt the web-platform to existing smart cards etc
- Revolution: Create complete systems from scratch

FIDO represents the latter.   It doesn't build on smart card APDUs and
cannot run on top of standard crypto APIs like PKCS #11.

Personally, I'm also into revolution since smart cards and PKCS #11 were
not designed to be invoked by arbitrary web-code which calls for entirely
new protection strategies like SOP.  The only "traditional" technology
(IMO) worth preserving is PKI.

Received on Monday, 11 August 2014 06:54:29 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:33 UTC