W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

RE: WebID-ISSUE-19: x509v3 Independence and TLS Extensions [WebID Spec]

From: Peter Williams <home_pw@msn.com>
Date: Fri, 4 Feb 2011 09:35:13 -0800
Message-ID: <SNT143-w419C94E9DD4BB3195EF35492E60@phx.gbl>
To: <public-xg-webid@w3.org>


There is an issue here.
 
The scheme in [1] argues for passwords (unphisable ones) - saying certs and the like are too hard
 
The issue is "websso".
 
The biggest problem any consumer talks about (anyone ever talk to them?) is that they dont want 50 passwords - which is the situation today.
 
Do we accept the "authentication silo" as an issue - albeit a cultural one?
 
Even if I had the miracle of MutualAuth, do I really want 50 passwords, on 34 different password regimes, and 14 differnet lifecycles, and 3 different uses of email for recovery?
 
 
 

----------------------------------------
> From: home_pw@msn.com
> CC: public-xg-webid@w3.org
> Date: Thu, 3 Feb 2011 19:50:32 -0800
> Subject: RE: WebID-ISSUE-19: x509v3 Independence and TLS Extensions [WebID Spec]
> To: public-xg-webid@w3.org
>
>
> I only found one valuable link (I hope I dont offend the contributors, by being this blunt). If I was a VC with 250k starter stakes and hearing any of those stories, 3 of them would be out of the door in 5m. The other might get a free lunch, to encourage him to broaden the pitch more.
>
>
> > [1] http://www.rcis.aist.go.jp/special/MutualAuth/ 		 	   		  
Received on Friday, 4 February 2011 17:35:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC