- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Fri, 05 Dec 2014 11:20:15 -0500
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- CC: public-webpayments@w3.org
On 12/05/2014 10:58 AM, Anders Rundgren wrote: > On 2014-12-05 16:54, Manu Sporny wrote: >> On 12/05/2014 09:41 AM, Anders Rundgren wrote: >>> Well, the WebPayment CG has a method for "neutralizing" SOP but I >>> feel uneasy about it since it appears to be very complex. >>> Somebody ought to spend a bit more time on this spec. >> >> Which spec are you referring to? The Identity Credentials stuff or >> the Web Commerce spec, or something else? The WebDHT stuff? > > I think I put out a link to the wrong spec :-( The WebDHT is the ting > I meant... Yep, unfortunately that "neutralizing SOP" stuff only exists as two blog posts and a proof-of-concept implementation right now using Telehash (not WebDHT): http://manu.sporny.org/2014/identity-credentials/ source code: https://github.com/digitalbazaar/opencred-idp/tree/master/sites The "neutralizing SOP" bit is here: https://github.com/digitalbazaar/opencred-idp/tree/master/sites#installing-the-login-mixnet The login mixnet is capable of digitally signing something destined for another website. It's not implemented right now, we may implement it early next year. *sigh* not enough funding for that particular project or hours in a day, so it keeps getting backburnered even though it's a really important problem that needs to be solved. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: High-Stakes Credentials and Web Login http://manu.sporny.org/2014/identity-credentials/
Received on Friday, 5 December 2014 16:20:38 UTC