Re: Draft Web Identithy Working Group Charter for Discussion

On 19 Oct 2011, at 21:08, Harry Halpin wrote:

>> Harry,
>> 
>>> The one idea that came up was a possible future
>>> workshop focused more narrowly on certificates.
>> 
>> That would be great.  I would suggest covering not only traditional
>> certificates, but also credentials based on privacy-enhancing
>> technologies; i.e. a workshop on cryptographic credentials in general.
> 
> Yes, although not that we still have a Crypto API (likely based around
> DomCrypt work) in the charter. Therefore, the use of cryptographic
> credentials in a Crypto API and their relationship of this Crypto API to
> identity authentication and authorization is definitely within scope for
> the future WG.
> 
> However, any proposed solutions that require change the CA system (which
> many agree are needed at the workshop, but that's beyond the W3C) or
> changes to how certificates are currently generated are out-of-scope as
> decided by the workshop in our final session.

So that would put BrowserId out of the loop then. They have their own JSON
format for certificates.... Are you suggesting that BrowserId should use X509 certificates? That would be completely possible btw.

Henry

> 
> We will announce any future workshops that more narrowly scope themselves
> to certificates and the CA system on this mailing list.
> 
>> 
>> Francisco
> 
> 

Social Web Architect
http://bblfish.net/

Received on Wednesday, 19 October 2011 20:26:05 UTC