Re: Question about "TLS CCA Session" versus "Web Session"

Hi,

On Mon, May 12, 2014 at 12:01 PM, Kingsley Idehen <kidehen@openlinksw.com>wrote:

>  On 5/12/14 11:47 AM, Melvin Carvalho wrote:
>
>
>
>
> On 12 May 2014 16:30, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>
>> On 5/12/14 9:41 AM, Timothy Holborn wrote:
>>
>>> If a user has a static IPv6 address, can that be linked to a WebID?
>>>
>>
>>  Yes!
>>
>> And at that point the utility of WebID re,. Internet of Things (IoT) will
>> become even clearer. Today, we are looking at WebIDs and their effect on
>> one kind of Agent i.e., a Person. There's much more to come in the
>> Machine-Machine (M2M) realm of IoT.
>>
>
> +1000
>
>  M2M is the next frontier.  Very exciting, and slightly scary! :)
>
>
> Not scary if all your data (represented by RDF statement graphs) are
> deemed private by default.  Thus, your ACLs (or policies) ultimately
> control data access.
>
> A genuine fear is that vendors will make your broadly accessible to others
> by default using UX patterns disguised as convenience.
>

At this point, my personal feeling is that WebID-TLS is probably the best
authentication protocol for M2M. While asymmetric crypto has a certain
appeal to me for authentication, we all agree that currently the UX is
really bad. If we think about it for a second, in a word where M2M is the
defacto operation mode, people can simply fallback to username/password
authentication. They only need to remember/manage a single pair of
credentials.

Things are starting to become interesting!

-- Andrei

>  --
>
> Regards,
>
> Kingsley Idehen 
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter Profile: https://twitter.com/kidehen
> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>
>
>
>