W3C home > Mailing lists > Public > public-webid@w3.org > May 2014

Re: Releasing RWW.IO

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Sun, 4 May 2014 01:04:27 +1000
Message-Id: <1117964B-B894-46B0-91F2-BA7F4D2086A6@gmail.com>
Cc: Andrei Sambra <andrei.sambra@gmail.com>, public-webid <public-webid@w3.org>, "public-rww@w3.org" <public-rww@w3.org>
To: Anders Rundgren <anders.rundgren.net@gmail.com>


Sent from my iPad

> On 4 May 2014, at 12:45 am, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> 
> On 2014-05-03 15:43, Andrei Sambra wrote:
>>> I think there's a slight distinction between WebID and WebID+TLS.
>>> 
>>> WebID itself is independent of the auth mechanism.
>> 
>>    Yes, this enhancement was introduced as a "workaround".
>> 
>> 
>> Not at all. You must still be reasoning in terms of WebID = TLS CCA. 
>> WebID is all about identifiers and identity (it's written in the spec, really),
>> whereas WebID-TLS deals with authentication. It was never an "enhancement", nor a "workaround".
> 
> We can call it whatever we like, the user-experience offered by WebID as featured
> on http://cimba.co web doesn't meet reasonable user expectations and as see it it
> never will unless you use another authentication method like FB Connect.
> 
> However, in addition to likely bringing in the NASCAR syndrome (to cope with other
> IDPs), FB Connect is essentially the opposite to decentralized so from my perspective
> WebID appears as "not ready for prime-time".
> 
> If it is of any comfort, the Web Payment folks suffer from the same problem, i.e.
> a lack a suitable authentication system combining convenience AND security.
> 
I think we're collaboratively defining a solution.  I don't think one exists yet.

> Cheers,
> Anders
> 
Received on Saturday, 3 May 2014 15:05:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:55 UTC