W3C home > Mailing lists > Public > public-webid@w3.org > May 2014

Re: UI for client cert selection (Was: Releasing RWW.IO)

From: Sandeep Shetty <sandeep.shetty@gmail.com>
Date: Sun, 4 May 2014 02:08:08 +0530
Message-ID: <CACO=zvp=PECcseC23NH1_yq3W8H8=y_7_bdWY7JvLXJcDdZ0HA@mail.gmail.com>
To: Tim Berners-Lee <timbl@w3.org>
Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Andrei Sambra <andrei.sambra@gmail.com>, public-webid <public-webid@w3.org>, "public-rww@w3.org" <public-rww@w3.org>
Another thing that would be nice, is the ability to securely sync the
certs across my devices. I already use client-side certs for services
like http://www.startssl.com and can put up with almost everything
that's broken about the UI, except for the inconvenience of moving the
cert across my various devices, especially when I need to use it once
a year (in the case of startsll to renew SSL certs), which is a large
enough time-frame that I might not even be using the device I had
originally installed the client-side cert on.

-- 
Sandeep Shetty

On Sun, May 4, 2014 at 12:21 AM, Tim Berners-Lee <timbl@w3.org> wrote:
>
> On 2014-05 -03, at 10:45, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>>
>> We can call it whatever we like, the user-experience offered by WebID as featured
>> on http://cimba.co web doesn't meet reasonable user expectations [..]
>
> So imagine the browser was going to be changed to make that better.
>
> People seem to widely agree that the client-side cert UI is bad on browsers
> Can we at least do a thought experiment to be in a world where it is fixed -- what would that look like?
> Maybe things like:-
>
> - Allowing the user to click a check box on "Always use this persona (client-side cert) with this web site (domain)"
> - Allowing a preferences access to manage the persona/website allocation matrix
> - Allow more screen space for selecting those certs
> - Allow a user to label, color, and suppress certs in the list
> - By default, not including expired certs in the list
> - Tracking which persona is in use on this website (only when a user has more than one) in the URL bar
>
> and so on.  Maybe is someone sketched the UI then a browser code could be persuaded to do it.
> It is necessary for existing client side cert sites anyway, and would maybe make the cimba.co experience
> quite reasonable.
>
> timbl
Received on Saturday, 3 May 2014 20:38:57 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:55 UTC