W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Re: WebID questions -- was: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME"

From: Ben Laurie <benl@google.com>
Date: Thu, 27 Sep 2012 12:10:25 +0100
Message-ID: <CABrd9SQXENiD22Sf0DBF67V70BYekXciRmg4LyU6GHLN4_gyXw@mail.gmail.com>
To: Henry Story <henry.story@bblfish.net>
Cc: public-webid@w3.org
On 27 September 2012 12:01, Henry Story <henry.story@bblfish.net> wrote:
> I forgot to reply to this comment:
>
> On 27 Sep 2012, at 12:13, Ben Laurie <benl@google.com> wrote:
>
>
>>
>>
>> There is no need to restrict people to using 2 or 3. There is I believe a
>> limit on how many identities people wish to have.
>
>
> The W3C does not seem to agree -
> http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html claims
> that some people do not want to be correlated across sites.
>
>
> Yes. We are not saying the MUST be  correlated across sites, and we are not
> removing the freedom of people who wish not to be correlated.
>
> When I go to a web site I don't have to click the login button. f I click
> the login button and it asks me for a certificate I don't have to choose one
> with a WebID - or choose one at all for that matter.
>
> The browser UI people could add a field in the certificate login selection
> box for an origin-bound-certificate perhaps. I am not sure how they should
> present this, nor what the advantages or disadvanteges of doing that would
> be,  and it is outside the scope of the discussion here.
>
> But if I want to login with an identity I have on the web, and I want this
> to be correlated, then I don't see why that freedom should not be available
> to me.
>
> I am just saying that practically most people will not want to have 10000
> identities. Certainly if we restrict ourselves to identities that they want
> to use for correlation, it seems unlikely that people can cope with more
> than a handful or find it useful.

I find a standard that is not interested in helping people who want to
log in _and_ have privacy to not be very interesting.

>
>
>>
>> The rest is up to browser vendors to improve the User Experience.
>
>
>
>
> Social Web Architect
> http://bblfish.net/
>
Received on Thursday, 27 September 2012 11:10:53 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:40:59 UTC