Re: (Pre-)Intent to Deprecate: <keygen> element and application/x-x509-*-cert MIME handling from Henry Story on 2015-08-01 (public-rww@w3.org from August 2015)

From: Henry Story <henry.story@co-operating.systems>
Date: Sat, 1 Aug 2015 11:08:56 +0200
To: Carvalho Melvin <melvincarvalho@gmail.com>
Cc: Read-Write-Web <public-rww@w3.org>, public-webid <public-webid@w3.org>
Message-Id: <211CFE33-5D7D-40C8-B89E-0F16CA16B0BF@co-operating.systems>

As a pointer for future reference the full thread is here:

  https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/pX5NbX0Xack/discussion <https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/pX5NbX0Xack/discussion>

Ryan Sleevi keeps arguing that he has fundamental arguments against keygen and client certs.
But for each of the arguments presented it is easy to find answer often a UI interface improvement 
that would solve the stated problems. Other problems are handwaved at and I am still waiting for clarification.

There are pointers to other technologies that would be better aparently, but it is suspicious that
they should want to remove a working one for yet to be tested ones, which makes it look more
like a political/business move than a technical one: removing a problematic competitor is often
easier than proving oneself.

Hopefully the discussion will help clarify some things.

Henry

> On 30 Jul 2015, at 18:01, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> 
> FYI: Google / Ryan Sleevi's comments on WebID
> 
> ---------- Forwarded message ----------
> From: Ryan Sleevi <rsleevi@chromium.org <mailto:rsleevi@chromium.org>>
> Date: 30 July 2015 at 17:53
> Subject: Re: (Pre-)Intent to Deprecate: <keygen> element and application/x-x509-*-cert MIME handling
> To: Melvin Carvalho <melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>>
> Cc: blink-dev <blink-dev@chromium.org <mailto:blink-dev@chromium.org>>
> 
> 
> 
> On Jul 30, 2015 7:42 AM, <melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>> wrote:
> >
> 
> >
> > -1 KEYGEN is in use.
> >
> > This move will be severely detrimental several grass roots communities, such as the WebID community.  
> >
> > [1] https://www.w3.org/community/webid/participants <https://www.w3.org/community/webid/participants>
> >  
> 
> This comment doesn't really address any of the technical concerns raised. WebID has repeatedly demonstrated a willingness to appropriate ill-suited technology, and has readily acknowledged that no browser implements the desired functionality for WebID to be successful.
> 
> WebID is still nascent, and readily admits it won't work with Edge. An alternative would be for WebID to proceed with standards that are actually widely used and have a viable chance at being usable - such as WebCrypto.
> 
> But it seems odd to hold a feature that was never fit to purpose nor working as desired hostage for experimental activity in a CG.
> 
>

Received on Saturday, 1 August 2015 09:09:30 UTC