W3C home > Mailing lists > Public > public-xg-webid@w3.org > July 2011

Re: Browser ID

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Sat, 16 Jul 2011 17:17:28 +0100
Message-ID: <4E21B998.3080608@openlinksw.com>
To: Ben Adida <ben@adida.net>
CC: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
On 7/16/11 6:09 AM, Ben Adida wrote:
> I disagree. The server-side component can be quite gnarly. Have you 
> investigated how this works if you use an SSL accelerator? If you use 
> Amazon EC2's SSL load balancer? My sense is the abstraction layers get 
> very gnarly.
>
> Plus, what do you do for short-lived certs? We don't want to deal with 
> revocation. 

User logs into IdP provided data space and deletes their problematic 
public keys.

What happens when someone steals a PC/Laptop/Tablet with the private key 
associated with the public key in a BrowserID scenario? The statement 
above tells you what can happen re. WebID.

Re. BrowserID is the mailto: URI to public key relation 1:1 or 1:N ? 
This too has implications.


> Can you trigger cert re-generation automatically and silently? I don't 
> think so. 

Of course!



-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen
Received on Saturday, 16 July 2011 16:17:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:25 UTC