Re: DomCrypto - Revised Strategy? from Harry Halpin on 2011-11-18 (public-identity@w3.org from November 2011)

From: Harry Halpin <hhalpin@w3.org>
Date: Fri, 18 Nov 2011 00:34:35 -0000 (GMT)
To: "Anders Rundgren" <anders.rundgren@telia.com>
Cc: "public-identity@w3.org" <public-identity@w3.org>
Message-ID: <f8a09398487905b87cce43f141843be2.squirrel@webmail-mit.w3.org>

> Google has silently already launched their Origin Bound Certficate TLS
> extension in Chrome.  IMO, this is the only way forward.
>
> If Mozilla is serious about DomCrypt, Mozilla must release "as is";
> nobody will care otherwise.

 DomCrypt is already joint work between Mozilla and Google. Origin Bound
Certs are no doubt a good idea as well. Again, we've discussed more
general purpose certs, if you think this should be part of the WG charter
you must specify textual changes to the charter now, as right now most of
that is out-of-scope for the API.

>
> Google did the same with their wallet which is a REALLY interesting
> thing.  Unfortunately the architecture seems to be secret.
>
> Anders
>
>

Received on Friday, 18 November 2011 00:34:40 UTC