U2F and keygen from henry.story@bblfish.net on 2014-07-20 (public-webid@w3.org from July 2014)

From: <henry.story@bblfish.net>
Date: Sun, 20 Jul 2014 18:42:20 +0200
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: public-webid@w3.org
Message-Id: <99057BD6-CF49-46BA-985C-C6D7471CB5D9@bblfish.net>

On 20 Jul 2014, at 18:33, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:

> On 2014-07-20 18:17, henry.story@bblfish.net wrote:
> <snip>
>> The important thing is that it is in the html5 standard
>> 
>>   http://www.w3.org/TR/html5/forms.html#the-keygen-element
> >
> 
> Why it that?  Microsoft doesn't care and neither does Apple (for iOS).

I don't care that microsoft does not care since I can work around it
using ActiveX. And for iOS I can find solutions that work around that problem
too. 

In the end if we have enough killer apps we can get users to vote with
their feet. But for the moment we don't so we do with what we have got,
which as it turns out is enough to get going.

> 
>> With JavaScript you can easily work around the  Microsoft exception by
>> calling their ActiveX extension.
> 
> The problem (for WebID) is that this won't be the case of U2F since
> it was designed from the ground-up with interoperability in mind.
> 
> If we for a moment forget the fact that only Google is allowed creating
> new authentication schemes, do you have any objections to the following?
> 
> http://lists.w3.org/Archives/Public/public-webid/2014Jul/0049.html

I don't see why I should have anything against it. How would it benefit me
now? How would it benefit me long term?

> 
> Anders

Social Web Architect
http://bblfish.net/

Received on Sunday, 20 July 2014 16:42:52 UTC