Re: Internet Identity Workshop #18

On 5/12/14 7:18 AM, Kingsley Idehen wrote:
> On 5/12/14 2:15 AM, Anders Rundgren wrote:
>> On 2014-05-12 03:54, Brent Shambaugh wrote:
>>> Hello RWW and Web Payments CG,
>>>
>>> I just spent last week at IIW #18 and some thought that it would be 
>>> great if there was some more W3C involvement.
>>
>> I think there is a general misconceoption about how successful 
>> standards are created and also the
>> importance of standards.  Windows is not a standard but still have 
>> some 90% of the desktop market.
>>
>>>
>>> There was a demo of cimba.co <http://cimba.co> and some tackling of 
>>> FOAF+SSL and WebID. '
>> > Some shared the views about certs and the browser experience. Maybe 
>> this was just me and another or so.
>>
>> I thought the situation is that the WebID folks still toil with the 
>> idea that the browser vendor
>> need to fix the TLS UI 
>
> When you speak of browsers you need to be specific. Each browser 
> offers a different experience re. TLS Client Certificate 
> Authentication (CCA).
>
> IE:
> It has no issue as a user can simply create a new session. This is 
> basically a menu option.
>
> Safari:
>
> As I indicated to you last week, TLS sessions are terminated when the 
> session is deemed idle, based on inactivity.
>
> Chrome on Windows or Mac OS X:
> Doesn't offer either option above, so you have to restart your browser.
>
> Firefox:
>
> You can log out and then login to TLS sessions using Javascript.
>
> Opera:
> Like chrome, you have to open a new browser session.
>
>> while Web Payments have given up on WebID-TLS and replaced it with
>> identitiy-credentials?
>>
>> And then there is yours truly who believe that the WebID-TLS thing 
>> should be redesigned so that it
>> follows proprietary X.509 schemes have already have FOUR MAGNITUDES 
>> more users than WebID-TLS, but
>> of course using an open (eventually standardized) solution. 
>
> I don't have any issue with WebID-TLS be open to other schemes, by way 
> of loosely coupling etc.. 

Closing the loop, in regards to the item above, using a live example 
[1]. Basically, This WebID verification service works with multiple 
certificates without requiring the user to restart their browser (the 
only exceptions are Chrome & Opera, at this point in time).


[1] https://id.myopenlink.net/ods/webid_demo.html -- simple WebID 
verification service

-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen