- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Sat, 06 Oct 2012 08:16:51 +0200
- To: Henry Story <henry.story@bblfish.net>
- CC: public-identity@w3.org
On 2012-10-05 20:47, Henry Story wrote: >> WebCrypto could very well become a better mousetrap than TLS CCA. > > By WebCrypto you mean using javascript. That does not really change anything. It does because it liberates WebID from a scheme (TLS CCA) that in its current form is doomed as a consumer solution. TLS CCA is actually quite popular and useful for creating secure tunnels between servers. However, as a web solution for end-users TLS CCA has essentially not taken a single step forward since 1996! Well, the "underpinnings" have changed considerably but that doesn't help much since its "behavior" remains neanderthalish. The latter is presumably "by design". I'm surprised that you find the current key generation mechanisms useful. No major user of consumer-PKI I have heard of actually use them. "<keygen>" as featured in Chrome was also designed in the 90'ties. This is a very touchy issue since http://www.ietf.org/mail-archive/web/pkix/current/msg31241.html caused the PKIX chairs to remove me from the list! Anders
Received on Saturday, 6 October 2012 06:17:29 UTC