- From: Ron Garret <ron@flownet.com>
- Date: Wed, 8 Feb 2012 10:10:59 -0800
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: public-identity@w3.org, Harry Halpin <hhalpin@w3.org>
+1. The belief that something is infeasible is in nearly all cases a self-fulfilling prophecy. On Feb 8, 2012, at 6:40 AM, Harry Halpin wrote: > Anders, > > Again, if you believe in your below statements, I kindly suggest you join another mailing list. Furthermore, there is no new information in your email, just the same opinion you re-iterated earlier a number of times. > > cheers, > harry > > > On 02/08/2012 06:30 AM, Anders Rundgren wrote: >> http://www.w3.org/2011/08/webidentity-charter.html >> >> I hope you don't get too upset but I believe the last 12 months have shown that >> standardization of security and identity solutions on the web, particularly for >> schemes that introduce changes in the client-platform, is more or less infeasible. >> >> Why is that? The interest in cooperating among the very few vendors that own >> the web is minimal. In addition, the majority of all efforts in this space fail >> like Microsoft's Information Cards initiative. >> >> Regarding DomCrypt, I see this as a Mozilla project which the other vendors can >> take up or not depending if they find it useful. >> >> DomCrypt also shows the difficulty running open processes. It has been claimed >> that DomCrypt could be "extended" to support smart cards. No document or >> writeup has though been provided showing how this would work. IMO smart >> cards using non-domain-restricted credentials such as PIV must not be exposed >> on the web; they can only be used by trusted applications such as TLS. >> >> Anders >> > >
Received on Wednesday, 8 February 2012 18:16:33 UTC