The W3C Web Cryptography API: Design and Issues
نویسنده
چکیده
The W3C Web Cryptography API will be the standard API for accessing cryptographic primitives in Javascript-based environments. We describe the motivations behind the creation of the W3C Web Cryptography API, deal with a number of objections, and then describe the API in detail with motivating use-cases and sample code. Lastly, we outline open issues and how the wider academic and security community can become involved in the process.
منابع مشابه
Using the W3C WebCrypto API for Document Signing
This paper focuses on digitally signing documents as a specific use case for making secure hardware available to a web application. We explore the current options available to implementers and the drawbacks associated with each option. Then we look at the emerging Web Cryptography API developed by the W3C and discover missing functionality needed to implement this use case. Finally, we suggest ...
متن کاملPrivacy Issues of the W3C Geolocation API
The W3C’s Geolocation API may rapidly standardize the transmission of location information on the Web, but, in dealing with such sensitive information, it also raises serious privacy concerns. We analyze the manner and extent to which the current W3C Geolocation API provides mechanisms to support privacy. We propose a privacy framework for the consideration of location information and use it to...
متن کاملW3C Geolocation API calls for Better User Privacy Protection
The W3C’s Geolocation API will be able to standardize rapidly the transmission of location information of users on the Web. However, such sensitive information raises serious privacy concerns especially in the mobile Internet. Our position is that the introduction of this API has to be complemented with additional means in order to prevent privacy violations originating from combining location ...
متن کاملWeb Authentication: The next step in the evolving identity eco-system?
Currently, the identity eco-system on the Web is fragmented between a number of different flows for authorization with no standardized high-security authentication mechanism outside of usernames-passwords. Current identity solutions such as OpenID Connect and BrowserID are on an abstract level just two different authorization flows that differ across a number of criteria such as privacy. We als...
متن کاملThe OWL API: A Java API for OWL ontologies
We present the OWL API, a high level Application Programming Interface (API) for working with OWL ontologies. The OWL API is closely aligned with the OWL 2 structural specification. It supports parsing and rendering in the syntaxes defined in the W3C specification (Functional Syntax, RDF/XML, OWL/XML and the Manchester OWL Syntax); manipulation of ontological structures; and the use of reasonin...
متن کامل