On 6 October 2012 08:16, Anders Rundgren <anders.rundgren@telia.com> wrote: > On 2012-10-05 20:47, Henry Story wrote: > > >> WebCrypto could very well become a better mousetrap than TLS CCA. > > > > By WebCrypto you mean using javascript. That does not really change > anything. > > It does because it liberates WebID from a scheme (TLS CCA) that in its > current > form is doomed as a consumer solution. > > TLS CCA is actually quite popular and useful for creating secure tunnels > between > servers. However, as a web solution for end-users TLS CCA has essentially > not > taken a single step forward since 1996! Well, the "underpinnings" have > changed > considerably but that doesn't help much since its "behavior" remains > neanderthalish. > The latter is presumably "by design". > > I'm surprised that you find the current key generation mechanisms useful. > No major > user of consumer-PKI I have heard of actually use them. "<keygen>" as > featured in > Chrome was also designed in the 90'ties. This is a very touchy issue since > > http://www.ietf.org/mail-archive/web/pkix/current/msg31241.html > > caused the PKIX chairs to remove me from the list! > Anders, did you ever look at this? http://lists.w3.org/Archives/Public/public-xg-webid/2011May/0047.html A full javascript solution to WebID including crypto libraries. May be interesting to this group. > > Anders > > > >
Received on Saturday, 6 October 2012 06:49:43 UTC