Hi,

Please note that there are other TEEs available today (and assuming more to 
come) that are targeting general ISVs and not device integrators. Typically, in 
such TEEs, a trusted application is isolated from the TCB of other trusted 
applications and their resources.

- Alex.

-----Original Message-----
From: Anders Rundgren [mailto:anders.rundgren....@gmail.com]
Sent: Tuesday, March 01, 2016 19:37
To: GALINDO Virginie <virginie.gali...@gemalto.com>; public-web-secur...@w3..org
Cc: Wayne Carr <wayne.c...@linux.intel.com>; Rigo Wenning <r...@w3.org>
Subject: Re: [W3C Web Security IG] TEE for all on android

On 2016-03-01 17:41, GALINDO Virginie wrote:
> Dear all,
>
> In case you missed it, Trusty is offering to android developers an API to 
> access some Trusted Execution Environment operations.
>
> See https://source.android.com/security/trusty/index.html

Virginie,

Thanks for the update.

Unfortunately this only verifies my strong belief that the HW-Sec WG in 
progress is on the wrong track targeting TEEs from the Web since Trusty 
applications are (AFAICT...) only deployable by device integrators.

It would be better if the HW-Sec WG listened to the market which nowadays not 
only means "Anders and Martin", but de-facto also includes Google with their 
suggested and implemented Android fix:
https://github.com/w3c/webpayments/issues/42#issuecomment-166705416

Apparently even Mr. Arcieri essentially agrees with this:
https://www.w3.org/2016/02/23-wpwg-minutes
tarcieri: My personal opinion is the ability to intent into a native app .... 
make a payment from the mobile (native) web ... I'd like to see that capability 
in there one way or another

That is, COMBINING the power of the Web and the App worlds would be a 
_fantastic project_, at least if innovation by third-parties is in scope.

If W3C cannot do this for religious or political reasons, well, that's a pity 
because this development seems _inevitable_ as it would be a complete waste of 
valuable time and resources building parallel universes! It is not proved that 
it is technically feasible either.

Regards,
Anders

>
> Regards,
>
> Virginie


---------------------------------------------------------------------
Intel Israel (74) Limited
