On 2015-03-20 17:58, Siva Narendra wrote:
I think this discussion needs to be led by the browser developers and them come to a
> conclusion on what they want to do. In my opinion, rest of the community talking about > it will continue to be futile.
I believe you are right but that won't happen in W3C but in FIDO Alliance since they already have a big and apparently very committed community for such matters. Personally I'm moderately fond of the idea that a single company [in practice] "owns" a market due to the fact that browsers cannot be updated by third-party vendors like Tyfone. In fact, this is one (but definitely not the only) reason why I'm advocating an *entirely different direction* for dealing with smart cards and lots of other things including web-payment schemes (which also lacks any visible/known browser-vendor buy-in). Anders
-Siva / /--/ //Siva G. Narendra Ph.D. /CEO - //Tyfone, Inc. Portland | Bangalore | Taipei/ www.tyfone.com <http://www.tyfone.com>/ /Voice: +1.661.412.2233/ / / On Thu, Mar 19, 2015 at 11:35 PM, Anders Rundgren <anders.rundgren....@gmail.com <mailto:anders.rundgren....@gmail.com>> wrote: Since these discussions seem to end-up in veritable "flame-wars", without any technical substance whatsoever, I suggest that we try (to the best of our ability...), to take one issue at a time and see where that leads us. I'm counting on Virginie collecting and monitoring the issues. May I start with one issue? "Dealing with different security hardware" There are many types of Security HW and systems. Their interfaces are ranging from low-level ISO 7816 APDUs to high-level TEE schemes[1,2] where the input may be a transaction request and the output a transaction response while device I/O is taken over by the TEE. Question: How is this variation supposed to be dealt with? Cheers, Anders 1] http://www.globalplatform.org/__specificationsdevice.asp <http://www.globalplatform.org/specificationsdevice.asp> 2] http://ipt.intel.com/__Libraries/Documents/__Technology_Overview_-_Intel%__C2%AE_Identity_Protection___Technology_with_PKI.pdf <http://ipt.intel.com/Libraries/Documents/Technology_Overview_-_Intel%C2%AE_Identity_Protection_Technology_with_PKI.pdf>
