W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: wot won Thing, asked W3C Identity Conference

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sat, 7 Jan 2012 21:34:18 +0100
Message-ID: <CAKaEYhJH0NHYYFNX6qUEiLexU5zvspgwj8N=yssQArFwKZrJ1A@mail.gmail.com>
To: Peter Williams <home_pw@msn.com>
Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
On 7 January 2012 19:51, Peter Williams <home_pw@msn.com> wrote:
> Your innovating again. Trying to change the space. That contrasts with my
> model (use what's there, at tiny extra cost). SOme happy medium has to
> emerge I(with a promise that the cycle repeats)
>
> Its hard. Which is just more enabling?
>
> 1. make the older client cert stuff work in the old client/server browser
> with vendor-controlled crypto, but done right for late-stage usage patterns
> of 20 years old stuff
>
> 2. take the new pipe with user controlled javascript crypto, and dump
> client/server for secure signalling.
>
> Does one leap 4 bridges or 2. Can the tanks really keep up with the elite
> parachutists, as they lumber along through the mud?

I already use a browser (dooble with interface plugin) that is a full
duplex server ... it encrypts chat in realtime using the key in my
WebID.

I can even play an encrypted game of chess using that key, with more
features coming soon.

It's not a mainstream use of PKI, but it works today and my hope is
that one day it will be.  That's what I think will be the game changer
... but there's lots of dots to join on the way ...

>
> ONe of my parents tells a story of a high power scientist  innovating with
> PVC, for tank electrics. Took them to Libya, and they didnt work reliably.
> Noone knew the UV destroyed PVC (until you pigment it with 1c worth of
> filler). All worked reliably in cloud cast England.
>
>
>
>
>
>
>
>> Date: Sat, 7 Jan 2012 18:01:46 +0100
>> Subject: Re: wot won Thing, asked W3C Identity Conference
>> From: melvincarvalho@gmail.com
>> To: home_pw@msn.com
>> CC: public-xg-webid@w3.org
>
>>
>> On 7 January 2012 17:38, Peter Williams <home_pw@msn.com> wrote:
>> > The identity conference hosted by W3C aksed folks to state one thing
>> > that
>> > could be done by all browser manufacturers, that makes a difference. The
>> > difference doesnt have to save this world. It just has to remove a
>> > disabling
>> > barrier.
>> >
>> > For me, its for ALL mainstream browsers to have something similar to
>> > that
>> > provided in IE8+: the "New Session" menu item. This is that which, in
>> > the
>> > SSL world, allows me to stay on the same site (e.g. WebID Realm) and
>> > change
>> > client certificate, without exiting the browser. (It may have other
>> > properties related to pseudo-privacy, too)
>> >
>> > With all mainstream browser others than IE8+, I have to exit the browser
>> > to
>> > use a differnt persona (and even all instances of the process, in some
>> > of
>> > the worst cases).
>> >
>> > With New Session I dont. I get a new brower window (with new tab set),
>> > enabled with new SSL client authn.
>> >
>> > This is worth having universally. WebID depends on it, I'd counsel.
>>
>> IMHO the biggest game changer would be for browsers to become full
>> duplex, rather than client-server.
>>
>> Identity (eg webid) and HTML can play a role in that. There's a few
>> early prototypes out there already ... hopefully that's the direction
>> things will go to make the web more of the read/write P2P distributed
>> storage system that was originally envisaged.
>>
>> >
>> > The second thing is ... almost equally useful. But, Im not allowed two
>> > wishes.
Received on Saturday, 7 January 2012 20:34:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 7 January 2012 20:34:45 GMT