W3C home > Mailing lists > Public > public-identity@w3.org > February 2012

Re: Charter and the NetFlix UC

From: Ron Garret <ron@flownet.com>
Date: Fri, 17 Feb 2012 11:35:10 -0800
Cc: public-identity@w3.org
Message-Id: <AFCD6761-9455-41ED-A4D5-372EA1B29070@flownet.com>
To: Anders Rundgren <anders.rundgren@telia.com>

On Feb 17, 2012, at 11:15 AM, Anders Rundgren wrote:

> On 2012-02-17 20:00, Ron Garret wrote:
>> 
> <snip>
>> It is possible that the solution to all our problems is simply to document signText.
> 
> I just mentioned that there are a bunch of "standards" out there already.

And what does the existence of "a bunch of standards" have to do with what is wrong with signText?

> If I were to create a standard I would begin with researching these to see
> if there is something worth stealing :-)

So, did you?  Is there?

> https://github.com/daviddahl/domcrypt/blob/master/demos/demo.js#L47

All I see is a bunch of uncommented Javascript code.  How that is intended to address the issue that signText is undocumented I do not understand.  I might be able to back out an API by reverse-engineering this code, but that would be missing the point rather badly.

> I don't know how window.mozCipher.pk.sign works but signText(v1996) uses X.509
> certificates which I believe what is generally requested.

Personally, I think X.509 is part of the problem, not the solution.  But that is a different issue altogether.

rg
Received on Friday, 17 February 2012 19:35:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 17 February 2012 19:35:39 GMT