- From: carmen r <_@whats-your.name>
- Date: Fri, 3 Jun 2016 08:59:56 +0000
- To: public-rww@w3.org
> We need a human centric web. i see differentiators between that and our service orientated heritage hi tim(h), sometime in past couple of years tim(bl) in an interview (maybe TIME.com) mentioned work yet to be done on social aspects of the web - with a brief mention of identity or certificates, also even more briefly noting the idea of family certificates. as you know, software-support of even the basic user-certificate feature is in-flux and incomplete in shipped web-browsers. https://www.w3.org/Webauthn/ appeared, and there's https://fidoalliance.org _____ membership of a group could be based on possession of a certificate group-certs could be exchanged in person with mobile-devices via NFC tapping or camera and QR-scanning, after both members initiate a key-exchange session using their cert-management UI. or cert is escrowed online in a group's private space, which you could download into browser as a member enhanced-security Solid daemons could store blobs only decryptable by key-holders, ACL check becomes pointless other than to avoid sending data that won't be decryptable _____ unsure if you mean "service orientated" as in online service run by a single company as in to get "Group" features, everyone creates an account on a particular online site fancier next-of-kin, and power-of-attorney and delegated/proxy scenarios are the kind of thing that could potentially be enabled via shared group or family certificates. none of this is shipping now, instead major services are implementing things on an adhoc basis: “They listened to all the pundits and drew up the documents. Then the bank says, ‘That’s very nice, but it’s not our form.’” http://www.nytimes.com/2016/05/10/health/finding-out-your-power-of-attorney-is-powerless.html > Other situations may involve 'digital hostage' styled use-cases keeping in mind the classic https://xkcd.com/538/ when thinking about keys is good a concensus system involving group-members could robustify against this attack, you can hold a wrench and point a gun at one person, but can you round up enough like-minded evil to do this to >50% of the group-members which would be required to do X where X is something like transfer ownership, add new members to group etc
Received on Friday, 3 June 2016 09:00:21 UTC