W3C home > Mailing lists > Public > public-credentials@w3.org > April 2016

Re: WebCrypto - In "progress" since 2012

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Fri, 29 Apr 2016 08:53:21 +0000
Message-ID: <CAM1Sok09fb=GjVBCtsFLdA0hs0vFx45BwBNmR2ZQWK9O5rPiAw@mail.gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, Web Payments CG <public-webpayments@w3.org>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
imho cryptography that is highly secure from un-intended use seemed
interesting yet difficult to find means to work collaboratively on the
stuff that would otherwise be considered 'low hanging fruit'. So, when
thinking about it from a modern context - i also took into account quantum
computing capabilities as to consider meaningfully concepts surrounding the
principle of 'rule of law' where i noted today the following text

There is no single agreed definition of the rule of law. However, there is
a basic core definition that has near universal acceptance.

As Emeritus Professor Geoffrey Walker, has written in his defining work on
the rule of law in Australia: ‘…most of the content of the rule of law can
be summed up in two points:

(1) that the people (including, one should add, the government) should be
ruled by the law and obey it and

(2) that the law should be such that people will be able (and, one should
add, willing) to be guided by it.’

– Geoffrey de Q. Walker, The rule of law: foundation of constitutional
democracy, (1st Ed., 1988).


Source: http://www.ruleoflaw.org.au/principles/


also, IMHO: It's that concept of a 'human centric web' that's most
difficult to discover.   Yet in consideration - the way most people (who
are old enough to remember) started on the web with trumpet winsock[2] -
not something that was packaged with the OS (without going into the really
old stuff...).

Now therefore; When considering the concept of the map [3] I've been
thinking about the differences or nuances between the goals of building a
web for documents (ie: web 1/2) and one for data ("web 3").  If a 'trumpet
winsock' to deal with the ID/Crypto issues were produce today, what would
it do and how could it be packaged?  How would solve the very diverse
issues that relate to the problem-domain?

I guess underlying it all is a need to acknowledge that decisions are being
made about processes that are being put into the hands of various parties
and pending the architectural decisions of those designs; we'll end-up with
different social outcomes regardless of 'who wins' the more myopically
definitive process  as to have successfully completed the project.
Equally; i'm probably better off coding rather than thinking and well, the
work done here has been rather awesome; so perhaps it's just my
expectations that need to be adjusted...  that balance between doing your
best and living with humility / being human.

I think more work needs to go into producing interoperablity with SoLiD[4]
solutions.  For me the process of trying to bring the two worlds together
seems really very daunting...

Tim.H

[1] https://en.wikipedia.org/wiki/Lattice-based_cryptography
[2] http://thanksfortrumpetwinsock.com/
[3] https://www.w3.org/2007/09/map/main.jpg
[4] https://github.com/solid/


On Tue, 19 Apr 2016 at 15:33 Anders Rundgren <anders.rundgren.net@gmail.com>
wrote:

> https://lists.w3.org/Archives/Public/public-webcrypto/2016Jan/0022.html
>
> And still no interoperable standard.
>
> Making it possible extending browsers through Apps seems like a much
> easier way keeping the Web alive and kicking.
> Insurmountable security issues?  No, Google and Microsoft have solved
> these in Web Payments; they just haven't shared their findings with us.
>
> Anders
>
>
Received on Friday, 29 April 2016 08:53:59 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:28 UTC