- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sun, 18 May 2014 09:40:28 +0200
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- CC: "public-webid@w3.org" <public-webid@w3.org>
On 2014-05-18 09:22, Melvin Carvalho wrote: > > > > On 18 May 2014 08:54, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote: > > This limitation has been discussed in various W3C forums for at least two years. > As far as I know *none* of the browser vendors have ever commented on this. > > To me that says: The browser vendors do not care about HTTPS CCA (Client > Certificate Authentication) at all. > > Hoping for improvements in HTTPS CCA is a pure waste of time; it is better > start playing with other authentication technologies. There are such. > > > FWIW > > Personally, I *love* this feature, since, like most people, I dont use a shared computer. > > Let's face it, if you shared your computer, you've lost all your security already ... I don't disagree but banks do not like the idea that you may be logged in for days without doing anything. It all goes back to the fact that HTTPS CCA is incompatible with established methods for maintaining web sessions. That's all. Anders Anders > > > > Anders > >
Received on Sunday, 18 May 2014 07:41:06 UTC