W3C home > Mailing lists > Public > public-webpayments@w3.org > December 2014

Re: P2P Payments

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 05 Dec 2014 18:16:29 +0100
Message-ID: <5481E86D.1090304@gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>, public-webpayments@w3.org
On 2014-12-05 17:38, Manu Sporny wrote:
> What Anders is pushing for is a device (like FIDO's U2F devices only w/o
> the Same Origin Policy (SOP)) that you can use on any website to
> digitally sign something (after typing in a PIN on the device to
> complete the signature).

This is what Microsoft suggests:

Although the details are still very sketchy I don't see this as a viable solution,
it looks like an orgy in security-GUIs, something which has a proven track-record to go wrong.

> Typically, Secure Elements have been used for
> this sort of activity. WebCrypto has no support for this right now,
> although they're trying to figure out a way to make this happen at W3C.
> Virginie Galindo, the chair of the WebCrypto group and Gemalto employee
> (they make/sell Secure Elements), just presented to the Web
> Payments IG User Payment Agent Task Force about this an hour ago.

Haven't the payment-card industry already had like 15 years figuring
out how this should work?

So what "Anders is pushing for" is something which *does not* directly
expose keys (or other sensitive stuff) to "alien" sites:


Is this feasible?  I don't know for sure, I just thought that if an application
installed locally is trusted to do certain things the same application
(or a subset of it) ought to be [automatically] trusted even if supplied as a
part of an untrusted piece of code provided that the platform can:

1) verify that the trusted code is authentic

2) protect the trusted code from intrusion by the untrusted code

That is, the model for interaction is crucial thing.


> -- manu
Received on Friday, 5 December 2014 17:16:59 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:37 UTC