2012/11/21 Martin Paljak :
> On Wed, Nov 21, 2012 at 8:55 PM, Andreas Jellinghaus
> wrote:
>> 2012/11/21 Martin Paljak :
>>> On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
>>> wrote:
>>>
Another hurdle is that the GP security model is incompatible with the
Internet: GP presumes mutual
On Wed, Nov 21, 2012 at 8:55 PM, Andreas Jellinghaus
wrote:
> 2012/11/21 Martin Paljak :
>> On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
>> wrote:
>>
>>> Another hurdle is that the GP security model is incompatible with the
>>> Internet: GP presumes mutual authentication AFAIK. This is how t
2012/11/21 Martin Paljak :
> On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
> wrote:
>
>> Another hurdle is that the GP security model is incompatible with the
>> Internet: GP presumes mutual authentication AFAIK. This is how the
>> Google Wallet currently works (Google holds the master keys to
On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
wrote:
> Another hurdle is that the GP security model is incompatible with the
> Internet: GP presumes mutual authentication AFAIK. This is how the
> Google Wallet currently works (Google holds the master keys to the SE)
> but that's not really cu
On 2012-11-15 08:56, Andreas Schwier wrote:
> Does the API matter anyway ?
>
> No, it's the functionality the TEE provides: Generate, store, maintain
> and use cryptographic material and do all kinds of risk management. And
> these functions do not really require web service and overloaded APIs.
>
On 11/15/2012 3:40 AM, Andreas Kuehne wrote:
> Hi Peter,
>>> http://www.theregister.co.uk/2012/11/13/trustzone_company
>>>
>>> Smart cards? Don't think so.
>> TrustZone isn't half bad hardware.
>>
>> But I bet that the solution they come up with will still use exactly
>> the same old APDUs, with
Hi Peter,
>> http://www.theregister.co.uk/2012/11/13/trustzone_company
>>
>> Smart cards? Don't think so.
> TrustZone isn't half bad hardware.
>
> But I bet that the solution they come up with will still use exactly
> the same old APDUs, with just a minimum bolted-on, in order to make
> something
Does the API matter anyway ?
No, it's the functionality the TEE provides: Generate, store, maintain
and use cryptographic material and do all kinds of risk management. And
these functions do not really require web service and overloaded APIs.
They require APIs that are consistent, simple to implem
Anders Rundgren wrote:
> http://www.theregister.co.uk/2012/11/13/trustzone_company
>
> Smart cards? Don't think so.
TrustZone isn't half bad hardware.
But I bet that the solution they come up with will still use exactly
the same old APDUs, with just a minimum bolted-on, in order to make
somethi
