W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: DomCrypto - Revised Strategy?

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Fri, 18 Nov 2011 04:15:00 +0100
Message-ID: <4EC5CDB4.1000702@telia.com>
To: Harry Halpin <hhalpin@w3.org>
CC: "public-identity@w3.org" <public-identity@w3.org>
On 2011-11-18 01:34, Harry Halpin wrote:
>> Google has silently already launched their Origin Bound Certficate TLS
>> extension in Chrome.  IMO, this is the only way forward.
>>
>> If Mozilla is serious about DomCrypt, Mozilla must release "as is";
>> nobody will care otherwise.
> 
>  DomCrypt is already joint work between Mozilla and Google. Origin Bound
> Certs are no doubt a good idea as well. Again, we've discussed more
> general purpose certs, if you think this should be part of the WG charter
> you must specify textual changes to the charter now, as right now most of
> that is out-of-scope for the API.


I hate to say it but with the flurry of proposals from Google and
Mozilla I don't think that there is much ground for standardization
and charters.  IMO, there are no good DomCrypt use-case descriptions
either.  The work should have started there with the simple question:

   "What is it we want to achieve?"

Making crypto in JS is not the answer; it may at best be the solution.

Anders


> 
>>
>> Google did the same with their wallet which is a REALLY interesting
>> thing.  Unfortunately the architecture seems to be secret.
>>
>> Anders
>>
>>
> 
> 
> 
Received on Friday, 18 November 2011 03:15:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 18 November 2011 03:15:37 GMT