- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Sun, 4 May 2014 01:04:27 +1000
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: Andrei Sambra <andrei.sambra@gmail.com>, public-webid <public-webid@w3.org>, "public-rww@w3.org" <public-rww@w3.org>
Sent from my iPad > On 4 May 2014, at 12:45 am, Anders Rundgren <anders.rundgren.net@gmail.com> wrote: > > On 2014-05-03 15:43, Andrei Sambra wrote: >>> I think there's a slight distinction between WebID and WebID+TLS. >>> >>> WebID itself is independent of the auth mechanism. >> >> Yes, this enhancement was introduced as a "workaround". >> >> >> Not at all. You must still be reasoning in terms of WebID = TLS CCA. >> WebID is all about identifiers and identity (it's written in the spec, really), >> whereas WebID-TLS deals with authentication. It was never an "enhancement", nor a "workaround". > > We can call it whatever we like, the user-experience offered by WebID as featured > on http://cimba.co web doesn't meet reasonable user expectations and as see it it > never will unless you use another authentication method like FB Connect. > > However, in addition to likely bringing in the NASCAR syndrome (to cope with other > IDPs), FB Connect is essentially the opposite to decentralized so from my perspective > WebID appears as "not ready for prime-time". > > If it is of any comfort, the Web Payment folks suffer from the same problem, i.e. > a lack a suitable authentication system combining convenience AND security. > I think we're collaboratively defining a solution. I don't think one exists yet. > Cheers, > Anders >
Received on Saturday, 3 May 2014 15:05:10 UTC