W3C home > Mailing lists > Public > public-webid@w3.org > July 2015

Re: google proposing to deprecate KEYGEN

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Thu, 30 Jul 2015 17:11:25 +0200
To: Andrei Sambra <andrei@w3.org>
Cc: Melvin Carvalho <melvincarvalho@gmail.com>, public-webid <public-webid@w3.org>
Message-ID: <55BA3E9D.1030803@gmail.com>
On 2015-07-30 16:57, Andrei Sambra wrote:
>> On Jul 30, 2015, at 10:44 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>> On 2015-07-30 16:32, Melvin Carvalho wrote:
>>> :(
>>> https://groups.google.com/forum/#!msg/mozilla.dev.platform/pAUG2VQ6xfQ/FKX63BwOIwAJ
>> Since none of the big users of client-side PKI have ever bothered with this crap
>> it won't be missed.   This signifies the (expected) end of WebID-TLS as well.
> Excuse me, but in what way is your comment useful? We understand you’re not a
 > fan of WebID-TLS, that’s totally fine. But if you’re willing to participate in
 > this community group, please write something more constructive instead of baiting
 > people into flame wars.


I have any number of times suggested that the WebID group should join forces with
the 3-4 magnitudes bigger user deployments of client-side PKI used by governments
and banks in the EU.

These do not rely on KEYGEN and only occasionally on TLS Client Cert Auth.  The
interest in understanding why seems to very limited in this CG.  In similarity to
FIDO alliance the majority of these solutions are using application-level authentication
rather than transport-level ditto.  The latter is more suited for VPNs than the Web.


> Respectfully,
> Andrei
>> Anders
Received on Thursday, 30 July 2015 15:11:56 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 30 July 2015 15:11:57 UTC