- From: Jonas Smedegaard <dr@jones.dk>
- Date: Fri, 21 Nov 2014 13:33:04 +0100
- To: public-webid@w3.org
- Message-ID: <20141121123304.4676.3362@bastian.jones.dk>
Quoting henry.story@bblfish.net (2014-11-21 12:58:43) > On 21 Nov 2014, at 10:49, Mo McRoberts <Mo.McRoberts@bbc.co.uk> wrote: >> On 2014-Nov-20, at 18:38, henry.story@bblfish.net wrote: >>> It looks like a big issue you have is due to Certificate >>> Authorities. But once WebID removes that, what problems remain? >> >> CAs are a very small part of the puzzle, to be honest. The >> complication they meaningfully add is a one-time affair, and it’s >> easily managed. [...] > In general CA requirements make it impossible to use for any company > smaller than the BBC. Particularly it makes it useless for individuals > or small companies, as without a CA nobody would recognise their > certificate. It would only be useable for their own site, in which > case username/passwords would be all that is needed. I agree that CA is not always "easily managed", but it makes great sense to me to separate that from all of those other issues that are equally relevant for both large organizations and smaller environments. BTW, Regarding CA for smaller (and non-)organizations (but arguably less relevant for WebID), EFF is working on <https://letsencrypt.org/>, seemingly in cooperation with Mozilla, so more likely to get better adoption than CAcert.org. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Received on Friday, 21 November 2014 12:33:38 UTC