On 2015-01-15 15:21, Harry Halpin wrote:
On 01/15/2015 03:11 PM, Anders Rundgren wrote:
On 2015-01-15 14:50, Harry Halpin wrote:
Just to clarify as I've had a few off list emails expressing confusion
on what it means to 'recharter' from folks new to the W3C:
We can recharter WebCrypto with *no* new deliverables. This means we can
simply extend the charter to deal with the current relatively small
delay we have off of our current charter.
That being said, if there is work that people want in scope, either of
the WebCrypto WG or WebAppSec or a new WG, it would be great to have
member submissions before the WebCrypto charter expired, ideally before
the end of February. W3C wants work to go in the best and most
appropriate forum for the particular deliverable.
Anders,
As I think many other people have mentioned before, while we
appreciate your technical contributions,
Thanx.
> your prognostications about the future have been 100% wrong historically
Are you referring to payments and WebCrypto? The answer on that is yet
to be seen an yes, I don't think WebCrypto will be a part of the plot.
Or is it HTML5's "keygen"? The fact is that it has at best 5% of the
market which IMO makes it a failure.
and tend towards being inflammatory, which perhaps both why your
> invited expert status is rejected by W3C Working Groups
Yes, political correctness isn't my forte...
and your WebPKI work has also no taken up by the larger community.
Well, I think that may have a slightly simpler explanation: who cares about
*anything* not coming from a major player or very well-respected individual?
If you'd focus on technical issues and look for
ways forward, I think you can make a positive impact.
I do that in the Web Payment IG although without being an invited expert :-)
Cheers,
Anders
cheers,
harry
What's somewhat surprising is that hardly none of the things discussed in
Mountain View seems to be relevant anymore. Yeah, Google is not interested
and therefore there's nothing we can do?
Anyway, the Web Payment IG won't bother with WebCrypto either, the s.c.
high-value transactions mentioned in the original use-case document will be
performed in local non-web-based wallets using TEE/SE-based
cryptographic APIs.
Anders
Although the decision would always rest with the WG for new deliverables
to a charter and with the AC for the creation of a new WG, I would
personally skeptical of adding new deliverables unless there are clear
member submissions and some emerging consensus that we should add a new
deliverable.
Nonetheless, we at W3C are firmly interested in seeing authentication on
the Web become more secure, and are actively interested in ways to
operationalize this in a way that is acceptable to both users, vendors,
and implementers. It's a tough job, but someone's got to do it :)
cheers,
harry
On 01/08/2015 01:31 AM, Richard Barnes wrote:
On Wed, Jan 7, 2015 at 7:43 PM, Ryan Sleevi <sle...@google.com> wrote:
As noted during the F2F during the 2014 TPAC, it's unlikely we would
be able to support such a rechartering.
In the goals, only the first goal is something that aligns with our
interest.
In the scope, we are explicitly not interested in "user managed"
storage and "web certificate management". Further, we don't believe
this group is the appropriate venue for the discussion of Web
Authentication - that would be better for WebApps or WebAppSec.
WebAppSec already has proposals for dealing with credentials -
http://lists.w3.org/Archives/Public/public-webapps/2014JulSep/0141.html
Put differently, for a rechartering, the only effort we'd likely
support support is the maintenance and exploration of algorithms.
Any other chartering discussions should follow the highly productive
workmodes of WebApps and WebAppSecs - that is, concrete, defined
proposals being brought forth and holding rechartering discussions in
specific and narrow scopes if such proposals have consensus (in
particular, from user agents).
Reserving the right to disagree with Ryan on the particular scoping
above,
I strongly agree with the above paragraph. None of the proposed work
items
to date has been defined in enough scope to make it clear what a WG
would
do.
--Richard
On Wed, Jan 7, 2015 at 1:48 AM, GALINDO Virginie
<virginie.gali...@gemalto.com> wrote:
Dear all,
Web Crypto WG charter [1] will end by the end of March. We need to
prepare
the next charter of Web Crypto.
As a reminder, the conversation has started on this page :
https://www.w3.org/Security/wiki/IG/webcryptonext_draft_charter
Feel free to add you ideas and suggestions on the wiki and/or
expose your
opinion and question on the public-webcry...@w3.org or
public-webcrypto-comm...@w3.org (for non W3C Web Crypto WG members).
Regards,
Virginie
[1] http://www.w3.org/2011/11/webcryptography-charter.html
________________________________
This message and any attachments are intended solely for the
addressees
and
may contain confidential information. Any unauthorized use or
disclosure,
either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable
for
the message if altered, changed or falsified. If you are not the
intended
recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this
transmission
free from viruses, the sender will not be liable for damages caused
by a
transmitted virus.
