- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Fri, 21 Nov 2014 09:05:46 +1100
- To: "henry.story@bblfish.net" <henry.story@bblfish.net>
- Cc: Mo McRoberts <Mo.McRoberts@bbc.co.uk>, "public-webid@w3.org" <public-webid@w3.org>
- Message-ID: <CAM1Sok2Gc-U=ugJ085=PSD=a2aV-+Uv9JAiWBtF_GN5ftohN2g@mail.gmail.com>
Mo, Looking at solutions for TV ATM. Pursuant to the HbbTV Spec [1], it appears TV's could be compatible with the WebID Spec. Whilst i foresee a complication around whether the WebID addresses the TV, or whether it denotes a person specifically (rather than a TV that is associated to a group of person/s) it's my view that in this case - WebID-TLS offers a very neat solution for TV personalisation, especially if, it's then linked to RWW / LDP platform for storing personalisation data, etc. Thoughts? [1] https://www.hbbtv.org/pages/about_hbbtv/specification.php On 21 November 2014 05:38, henry.story@bblfish.net <henry.story@bblfish.net> wrote: > > On 19 Nov 2014, at 15:24, Melvin Carvalho <melvincarvalho@gmail.com> > wrote: > > > > On 19 November 2014 14:33, Mo McRoberts <Mo.McRoberts@bbc.co.uk> wrote: > >> We use TLS CCA within the BBC for access to production services and >> tools. Thousands upon thousands of people use them regularly. I'm an issuer >> for third parties who've signed NDAs to get certs, so I also have to deal >> with them when they get unstuck. I can tell you absolutely categorically >> that the CCA user experience *is* universally terrible, especially around >> cert/key management. I know this not because I'm jumping to conclusions on >> behalf of end-users, but because I have to support the end-users who are >> using CCA. >> > > Mo, could you drill down into the pain points, in order of what you see as > the biggest, e.g. auth UI, keys across devices, lost keys, particular > browsers, etc. > > > +1 that would be very helpful. > It looks like a big issue you have is due to Certificate Authorities. But > once WebID removes that, what problems remain? > > > > Any thoughts on how we could make it better? > > >> >> M. >> >> > On 2014-Nov-19, at 13:16, Kingsley Idehen <kidehen@openlinksw.com> >> wrote: >> > >> > On 11/18/14 9:42 PM, Sandro Hawke wrote: >> >> On 11/12/2014 01:01 AM, Anders Rundgren wrote: >> >>> On 2014-11-12 05:36, Sandro Hawke wrote: >> >>>> On 11/10/2014 06:39 AM, Melvin Carvalho wrote: >> >>>>> Just wanted to highlight this interesting work from sandro >> >>>> >> >>>> Thanks. I should say the design came out of discussions with >> Andrei Sambra, >> >>> > trying to avoid the problems with poor browser support of client >> certificates. >> >>> >> >>> Sandro, that's a very interesting statement since the W3C is just >> about to launch >> >>> a continuation of WebCrypto which indeed may be focused on >> certificates and browsers! >> >>> >> >> >> >> I'm just speaking for myself as a user and software developer; I'm not >> involved in that W3C work. My feeling is the UX is terrible. My >> understanding is the only people who ever use it are people without a >> choice, like enterprise employees and university students. What fraction >> of consumer websites use client certs for user authentication? I've never >> seen one. I think that's because the UX is so bad. >> >> >> >> -- Sandro >> > >> > Sandro, >> > >> > If users are clueless about what they are doing, no amount of UX + UI >> will solve that. This issue isn't just about browser implementations, its >> about the combined effects of understanding (on the parts of users and app >> developers), UX, and UI. >> > >> > Focusing on the "UI/UX is bad" narrative will not fix anything. Which >> is akin to the "RDF tools are bad" narrative. >> > >> > Why don't we try a little harder in regards to exploiting the pinhole >> that TLS CCA offers? We've done that, and had success [1]. >> > >> > Users don't have a major problem with TLS CCA once they understand >> what's happening. Like many things (in my experience) its developers that >> are once again jumping to their own conclusions on behalf of end-users. >> > >> > >> > [1] http://youid.openlinksw.com -- Certificate Generator that produces >> Certs that make TLS CCA interactions easier to understand (New HTML version >> will soon be released) . >> > >> > -- >> > Regards, >> > >> > Kingsley Idehen >> > Founder & CEO >> > OpenLink Software >> > Company Web: http://www.openlinksw.com >> > Personal Weblog 1: http://kidehen.blogspot.com >> > Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen >> > Twitter Profile: https://twitter.com/kidehen >> > Google+ Profile: https://plus.google.com/+KingsleyIdehen/about >> > LinkedIn Profile: http://www.linkedin.com/in/kidehen >> > Personal WebID: >> http://kingsley.idehen.net/dataspace/person/kidehen#this >> > >> > >> >> >> -- >> Mo McRoberts - Chief Technical Architect - Archives & Digital Public >> Space, >> Zone 2.12, BBC Scotland, 40 Pacific Quay, Glasgow G51 1DA. >> >> Inside the BBC? My movements this week: http://neva.li/where-is-mo > > > Social Web Architect > http://bblfish.net/ > >
Received on Thursday, 20 November 2014 22:06:14 UTC