- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Sat, 1 Nov 2003 20:22:56 +0100
- To: <w3c-ietf-xmldsig@w3.org>
Dear all, I have on behalf of a client, taken the liberty to investigate the state of client-side PKI support in web-browsers with respect to standards and interoperability. There were several reasons for performing this study, and a major such was that we have found that none of the pretty large Nordic e-government initiatives and on-line banks, actually use the browsers' built-in client-side PKI mechanisms at all, most of them rather rely on Java applets developed by various ISVs. The reason for this is very obvious: ============================================= Practically every piece of client-side Web-PKI, ranging from on-line certification support to on-line (web-form) signing, is currently entirely vendor-dependent ============================================= Assuming that there will be billions of users of Web-PKI in a few years from now (here adding the crowd likely to use "The Mobile Internet"), it seems that there could be a major task ahead for the W3C. There is a lot more to say on this subject but this could hopefully serve as a starter for discussions. Regards Anders Rundgren Independent Consultant, PKI and e-business + 46 70 627 74 37 (on CET)
Received on Saturday, 1 November 2003 14:26:05 UTC