(Can't respond inline on Google inbox, as far as I can tell...)
Re: credentials in the browser.
So,
How do you reset your tls cert? Say, for nanna...
Are you suggesting you think credentials are unnecessary?
What's the difference between trusting a data space service with your data
vs. your credential access support.
Do you think it's global or go home; or,
Should every legal entity (and/or bot/agent) be able to "mint" a
"credential", and what happens if your computer is stolen, or fails, or
someone else is using your account on your computer.
How does it support isolation of roles/persona.
Communities at all levels share and disagree on an array of values. From
images relating to local laws on nudity or gun licensing, to the cost of
education.
Who says one ring should rule them all...
On Thu, 18 Jun 2015 at 12:17 am, Melvin Carvalho <melvincarvalho@gmail.com>
wrote:
> On 17 June 2015 at 14:23, Eric Korb <eric.korb@accreditrust.com> wrote:
>
>> Interesting article.
>>
>>
>> http://www.fastcompany.com/3044280/one-more-thing/the-ghosts-of-app-permissions-past
>>
>
> Yep, it used to be even worse. They used to phish your password:
>
> http://microformats.org/wiki/social-network-anti-patterns
>
> Mozilla persona still does this.
>
> I prefer to keep credentials in the browser. This can be done today with
> X.509 or the web crypto API.
>
>
>>
>> ----------------------------------
>> Eric Korb, President/CEO - accreditrust.com
>> <https://www.accreditrust.com>
>>
>>