W3C home > Mailing lists > Public > public-webid@w3.org > May 2014

Re: HTTPS Client Certificate Authentication - Browser Implementation Guidelines

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Sun, 18 May 2014 10:38:47 +0200
Message-ID: <53787197.6090901@gmail.com>
To: Timothy Holborn <timothy.holborn@gmail.com>
CC: "public-webid@w3.org" <public-webid@w3.org>
On 2014-05-18 10:03, Timothy Holborn wrote:
> i doubt the response will be a unanimous migration to http://webpki.org/ ...

Of course not.  The US banks and the US government have no interest in consumer PKI
in the same way as they haven't introduced EMV-cards.


> On 18 May 2014 18:01, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote:
>     If the WebID folks including TimBL believe that the only problem is the UI, the most
>     logical thing to do would be creating a document like the subject line suggests.
>     There is a risk that the vendors will simply laugh at such a request,  but that's much
>     better than promising improvements that so far haven't even been acknowledged by
>     those who are supposed to implement them.
>     I would personally be very interested in hearing what the "right" session inactivity
>     timeout for logout is.  Client-side enforced logout requires TCP reset.
>     Anders
Received on Sunday, 18 May 2014 08:39:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:55 UTC