- From: Andrei Sambra <andrei.sambra@gmail.com>
- Date: Sat, 3 May 2014 09:43:35 -0400
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: Melvin Carvalho <melvincarvalho@gmail.com>, public-webid <public-webid@w3.org>, "public-rww@w3.org" <public-rww@w3.org>
- Message-ID: <CAFG79ehJ728V1awFgP6tDWPM7mH5voGgasy6jQzyXp3ZS3HGZw@mail.gmail.com>
Hi,

On Sat, May 3, 2014 at 7:42 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:

> On 2014-05-03 13:19, Melvin Carvalho wrote:
> >
> > On 3 May 2014 10:08, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> >
> >     Now I have tried it out as well including the micro-blogging.
> >
> > Awesome. I typed your name "A n d e r" into the channel finder and your webid came up after about 3 letters. I'm now following you.
> >
> >     It was cool with one exception, TLS CCA (Client Certificate Authentication)
> >
> >     Logging in to http://cimba.co required me to select certificate twice and
> >     from a pretty long list of non-WebID certificates.
> >
> >     Unless W3C gets their act together and creates a web-compliant replacement
> >     for TLS CCA, WebID won't ever catch on. I have no faith in W3C for taking
> >     any action on this since not even the requirements have ever been discussed.
> >     TLS is a sacred cow.
> >
> > I think there's a slight distinction between WebID and WebID+TLS.
> >
> > WebID itself is independent of the auth mechanism.
>
> Yes, this enhancement was introduced as a "workaround".

Not at all. You must still be reasoning in terms of WebID = TLS CCA. WebID is all about identifiers and identity (it's written in the spec, really), whereas WebID-TLS deals with authentication. It was never an "enhancement", nor a "workaround".

-- Andrei

> > One hope was that mozilla labs would help with the UX, as below.
> >
> > http://www.azarask.in/blog/post/identity-in-the-browser-firefox/
>
> That's where it gets wrong, there is no UX problem to solve. It is the
> underpinning TLS CCA scheme that is the sole culprit which is why Google,
> Microsoft, PayPal, RSA, ARM (!), etc. abandoned it in favor of U2F.
>
> Your best option at this stage is probably defining a WebID-U2F profile.
>
> Personally, I'm not overly interested in U2F, it is much simpler making
> client-side X.509 "web-compatible" by building on the already established
> schemes out there.
>
> Anders
>
> >     Fortunately Google hadn't any problems slaughtering this poor creature
> >     when they started their U2F project which has created a hype I haven't
> >     seen before during my 15Y+ in the "id-business". It didn't take an
> >     eternity either.
> >
> >     Anders
> >     grumpy old fart with a mission
Received on Saturday, 3 May 2014 13:44:26 UTC