- From: Chris Drake <christopher@pobox.com>
- Date: Tue, 13 Jun 2006 07:58:33 +1000
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- CC: "Frederick Hirsch" <frederick.hirsch@nokia.com>, "George Staikos" <staikos@kde.org>, <public-usable-authentication@w3.org>
Hi Phillip, Great analysis, and great info. You said (I think?) that you believe chrome has the biggest potential for immediate return. I've noticed that swathes of businesses don't allow their workers near XP (they stick to older "trusted" platforms). I notice that that Vista, if it even has a release date, looks to me at least "years" away still, and ditto for InfoCard - and even if it arrived, much larger swathes of people won't have it for half a decade or more to come. There's also half a dozen or more browser vendors, none of whom seem to be able to agree either on the most basics of compatibility, nor on good standards compliance. Why do you think there's a potential for "immediate return" in that quagmire? If I were to put aside my disagreement with most of ideas presented relating to browser chrome, I still don't think I'd be convinced that all those vendors are going to (A) start talking and working together, and (B) get it right - at least not in any timescale relating to "immediate" ? The *problem* that I think everyone is overlooking, is that authentication is NOT the kind of problem that *can* be broken down into nice tidy discreet solutions. You can't have Chrome as a single solution - chrome is just a small part of a solution - and no part of the chrome component can be developed in isolation from the rest (2-way identification, multifactor authentication, identity handling, etc etc). I know this is ugly, an administrative nightmare, a lot of work, a privacy nightmare, and irritating to have to explain to non-techies - but whatever bit you leave out will be the weak link that brings you down in the end. Kind Regards, Chris Drake
Received on Monday, 12 June 2006 21:58:56 UTC