While I don't know if this specific proposal would support it, things like the various EU countries' citizen cards (using their national IDs for authenticating to government services) do not use TLS client certs, instead relying on other software that needs to be installed.
Christian On Wed, Sep 21, 2022 at 5:13 PM agowa338 <[email protected]> wrote: > What's the difference between this proposal to just using HTTPS client > auth with a certificate on a smartcard? That's basically what we've been > using for decades now... > > [email protected] schrieb am Mittwoch, 21. September 2022 um 20:41:56 > UTC+2: > >> Not mentioned above but included in the explainer: To mitigate some of >> the obvious security concerns this API will only be available to Isolated >> Web Apps <https://github.com/WICG/isolated-web-apps>. >> Reilly Grant | Software Engineer | [email protected] | Google Chrome >> <https://www.google.com/chrome> >> >> >> On Wed, Sep 21, 2022 at 8:00 AM 'Daniel d'Andrada' via blink-dev < >> [email protected]> wrote: >> >>> Contact [email protected] >>> >>> Explainerhttps://github.com/dandrader/web-smart-card/blob/main/README.md >>> >>> Summary >>> >>> Enables smart card (PC/SC) applications to move to the Web platform. It >>> gives them access to the PC/SC implementation (and card reader drivers) >>> available in the host OS. >>> >>> >>> Blink componentBlink >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink> >>> >>> Motivation >>> >>> While there are other APIs that provide the right level of abstraction >>> and security properties for identity on the Web, such as WebAuthn, there >>> are domain-specific functions which can't be captured by such higher-level >>> APIs. A remote access (aka "remote desktop") web app letting the remote >>> machine access the host's card reader as if it were directly connected to >>> it. Enabling PC/SC applications on that remote machine to work without >>> modification, unaware that the card reader is not local. A web-based kiosk >>> could read even simple RFID badges via PC/SC and then display relevant >>> information on a screen. It's also not uncommon for such readers to need >>> control commands to put them into the proper state for reading the >>> particular type of card the application supports. >>> >>> >>> Initial public proposalhttps://github.com/WICG/proposals/issues/64 >>> >>> TAG review statusPending >>> >>> Risks >>> >>> >>> Interoperability and Compatibility >>> >>> >>> >>> *Gecko*: No signal >>> >>> *WebKit*: No signal >>> >>> *Web developers*: No signals >>> >>> *Other signals*: PC/SC developers. Generally positive. (see e-mail >>> thread >>> <http://lists.infradead.org/pipermail/pcsclite-muscle/2022-August/001282.html> >>> ) >>> >>> WebView application risks >>> *Does this intent deprecate or change behavior of existing APIs, such >>> that it has potentially high risk for Android WebView-based applications?* >>> >>> No >>> >>> >>> >>> Debuggability >>> >>> >>> >>> Is this feature fully tested by web-platform-tests >>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>> ?No >>> >>> Flag nameSmartCard >>> >>> Requires code in //chrome?Yes. Similarly to other device APIs like >>> WebHID and WebUSB. >>> >>> Estimated milestones >>> >>> No milestones specified >>> >>> >>> Link to entry on the Chrome Platform Status >>> https://chromestatus.com/feature/6411735804674048 >>> >>> This intent message was generated by Chrome Platform Status >>> <https://chromestatus.com/>. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CA%2BenBd9j9Ucy-BKqfQSk9hZxVG6-qm4H6X3%3DxT9U86KpiOpKeA%40mail.gmail.com >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CA%2BenBd9j9Ucy-BKqfQSk9hZxVG6-qm4H6X3%3DxT9U86KpiOpKeA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2539271a-7eee-468b-8e28-17f19ad4ed02n%40chromium.org > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2539271a-7eee-468b-8e28-17f19ad4ed02n%40chromium.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPTJ0XFndAAn1vXgLQzhGtf4oZAqidAHULDM177Su7SnGyA7hA%40mail.gmail.com.
