- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Fri, 18 Nov 2011 04:04:03 +0100
- To: Richard Barnes <rbarnes@bbn.com>
- CC: "public-identity@w3.org" <public-identity@w3.org>
On 2011-11-18 03:48, Richard Barnes wrote: > Hi Anders, > > I'm confused. DOMCrypt and OBC solve completely different problems. > DOMCrypt is about providing a crypto API to Javascript. > OBC is about authentication / identity binding at the TLS layer (there's no JS interaction). I wasn't comparing them on a technical basis but from a standardization and adaption point-of-view. DomCrypt is *not* shipped with Firefox and last I tried it it didn't even work with the most current release. > Also, FWIW, OBC has been proposed for work in the IETF TLS working group: > <http://tools.ietf.org/html/draft-balfanz-tls-obc-01> After first being implemented in Chrome, yes. Anders > > --Richard > > > On Nov 18, 2011, at 4:21 AM, Anders Rundgren wrote: > >> Google has silently already launched their Origin Bound Certficate TLS >> extension in Chrome. IMO, this is the only way forward. >> >> If Mozilla is serious about DomCrypt, Mozilla must release "as is"; >> nobody will care otherwise. >> >> Google did the same with their wallet which is a REALLY interesting >> thing. Unfortunately the architecture seems to be secret. >> >> Anders >> > >
Received on Friday, 18 November 2011 03:04:48 UTC