- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Mon, 05 Jan 2015 17:29:51 +0100
- To: Kingsley Idehen <kidehen@openlinksw.com>, public-webid@w3.org
Kingsley, This discussion isn't going anywhere since You, Henry and a bunch of other people hangout out in this list insist that TLS CCA works just fine while Google and hundreds of other big companies are betting on an entirely different authentication technology (which BTW seems awfully difficult to merge with WebID). Dirk Balfanz (inventor of named scheme) on TLS CCA: http://www.browserauth.net/tls-client-authentication Anders On 2015-01-05 16:42, Kingsley Idehen wrote: > On 1/4/15 2:34 PM, Anders Rundgren wrote: >> On 2015-01-04 19:49, Kingsley Idehen wrote: >>> On 1/4/15 10:27 AM, Anders Rundgren wrote: >>>> On 2015-01-04 16:21, Timothy Holborn wrote: >>>>> Interesting. I found more info [1] >>>>> >>>>> Does it support WebID-TLS? >>>> >>>> It is primarily intended to lower the cost (maybe to zero) for getting >>>> a TLS server-certificate. >>>> >>>> For WebID-TLS there's no hope. The industry have take another route. >>>> >>>> Anders >>> >>> Happy New Year! >>> >>> Again, WebID-TLS and TLS are loosely coupled items. The industry hasn't >>> gone anywhere, it is mired in an identity and trust crisis. >>> >>> I strongly encourage you to put your personal biases aside. Doing that >>> will enable you understand where WebID-TLS and similar approached re. >>> Blogic (webby logic) fit into the mix re., addressing the identity and >>> trust problem that's putting every Web and Internet users privacy at >>> risk etc.. >> >> There are 25M Korean users of X.509 certificates on the web. How many >> users >> have WebID-TLS? 100? 1000? 10000? > > What is WebID-TLS to you? > X.509 != TLS let alone WebID-TLS. X.509 its a standard for creating a > digital representation of an Identity Card (Certificate). > > There isn't an such notion as "having WebID-TLS" it is simply a protocol > for verifying claims in a WebID-Profile document that you lookup via a > WebID placed in an X.509 Certificate. > >> >> What's worse is that the 25M users are being *pushed off the web* since >> plugins are about to be "outlawed". > > X.509 and Browser Plugins two distinct things. I don't understand why > you continue to conflate all the puzzle-pieces. > >> Sweden, another big user of X.509+Web has >> already left the web (browser) for Android and iPhone app-based >> solutions. > > This isn't about Web Browsers. It is about verifying identity claims > over HTTP using trust Webs crafted using logic. >> >> Do you have any solution to this? > > What is the problem? > >> Do I? YES! W3C must perform market >> research and not only rely on a handful of big-tech technologists who >> mainly run their own agenda. > > The W3C's job is to formalize aspects of Web usage that aren't > formalized. For instance, RDF is a retrospective formalization of what's > always been a nascent part of the Web, since inception. > > Kingsley >> Anders >> >>> >>> Let's try to be more constructive in 2015, complaining about everything >>> without offering any practical alternatives, gets us nowhere! >>> >>> Kingsley >>>> >>>>> >>>>> [1] https://letsencrypt.org/howitworks/ >>>>> >>>>> On 4 January 2015 at 22:01, cdr <mail@whats-your.name >>>>> <mailto:mail@whats-your.name>> wrote: >>>>> >>>>> > a financial issue, being the cost of a >>>>> > domain and wildcard SSL certificate. >>>>> >>>>> Let's Encrypt is attempting to address this >>>>> >>>>> seth@EFF giving a talk on how it works: >>>>> https://www.youtube.com/watch?v=OZyXx8Ie4pA&t=17m >>>>> >>>>> >>>>> >>>> >>>> >>>> >>> >>> >> >> >> > >
Received on Monday, 5 January 2015 16:30:28 UTC