- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Sat, 1 Jun 2013 20:20:32 +0200
- To: Simon Tennant <simon@buddycloud.com>
- Cc: "public-fedsocweb@w3.org" <public-fedsocweb@w3.org>
- Message-ID: <CAKaEYh+rmDDt3MFzu46gd-+5L2hzZoq_SnAvP_zqRyRdP7so4w@mail.gmail.com>
On 1 June 2013 20:16, Simon Tennant <simon@buddycloud.com> wrote: > On 1 June 2013 19:40, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > >> >> >> >> On 1 June 2013 19:23, Simon Tennant <simon@buddycloud.com> wrote: >> >>> You could reinvent the wheel by using HTTP, and then hope that all major >>> browser makers start including your client side certificate code. I >>> wouldn't hold my breath. >>> >> >> Im unsure what you mean, all browsers have had client side certs for 10 >> years+. It's just the UX that is not compelling. >> > > You are right - I see Chrome now supports client side certs. > >> >> >>> >>> Alternatively you could simply build on federated protocols that already >>> include strong identity, encryption and dial-back authenticity like XMPP. >>> And instead spend your energy on designing your interchange messages. >>> >> >> XMPP is a great system. No problem with hacking on it. But an HTTP >> solution is also needed if you want to play in the same league as the big >> guns. >> > > Not quite sure what you mean by this. > I think XMPP is great as part of an overall solution in the FSW. And I'm keen that XMPP systems should be able to communicate with other systems. The JID xmpp:user@host in my view is an excellent choice of identifer, I can add it to may roster, and there's a well defined way to send the messages. But we need solutions in the HTTP space as well. Facebook for example have decent solutions in HTTP, email AND XMPP. It's just a pity it's centralized and proprietary. > > -- > Simon Tennant | buddycloud.com | +49 17 8545 0880 | office hours: > goo.gl/tQgxP >
Received on Saturday, 1 June 2013 18:21:00 UTC