W3C home > Mailing lists > Public > public-webid@w3.org > July 2015

Re: google proposing to deprecate KEYGEN

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 30 Jul 2015 13:31:07 -0400
Message-ID: <55BA5F5B.8080604@openlinksw.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, public-webid@w3.org
On 7/30/15 11:54 AM, Anders Rundgren wrote:
> On 2015-07-30 17:44, Kingsley Idehen wrote:
>> On 7/30/15 11:11 AM, Anders Rundgren wrote:
>>> These do not rely on KEYGEN and only occasionally on TLS Client Cert
>>> Auth.  The
>>> interest in understanding why seems to very limited in this CG. In
>>> similarity to
>>> FIDO alliance the majority of these solutions are using
>>> application-level authentication
>>> rather than transport-level ditto.  The latter is more suited for VPNs
>>> than the Web.
>>>
>>> Anders
>>
>> So what?
>>
>> Your comments have zilch to do with WebID-TLS (which is  HTTPS +
>> relations lookup facilitated by WebIDs).
>
> Kingsley,
>
> The alternative schemes (and FIDO) accomplish the same thing as HTTPS 
> CCA,
> which is binding a certificate/key to a site. 

WebID isn't about binding to a site.

> The WebID lookup is an an extra
> step which can be performed equally well by the alternative methods.  
> It is
> technically about the same as doing an OCSP lookup after receiving a 
> certificate.

Sorry, you are misunderstanding it.

>
> Anders
>
>
>


-- 
Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this




Received on Thursday, 30 July 2015 17:31:31 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 30 July 2015 17:31:31 UTC