Re: WebCrypto - In "progress" since 2012 from Henry Story on 2016-04-30 (public-webpayments@w3.org from April 2016)

From: Henry Story <henry.story@bblfish.net>
Date: Sat, 30 Apr 2016 14:39:19 +0100
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: public-webpayments@w3.org
Message-Id: <988DF056-0DCC-4E7F-84E2-4F4F139C70C5@bblfish.net>

> On 30 Apr 2016, at 14:11, Manu Sporny <msporny@digitalbazaar.com> wrote:
> 
> On 04/19/2016 01:30 AM, Anders Rundgren wrote:
>> WebCrypto - In "progress" since 2012 ... and still no interoperable 
>> standard.
> 
> On 04/30/2016 12:34 AM, Harry Halpin wrote:
>> For example, your WebPKI work to reproduce PKI in XML has, I believe,
>> zero adoption.
> 
> On 04/30/2016 04:08 AM, Henry Story wrote:
>> Harry is actually acting as a conceptual guard placed in front of a 
>> conceptual door.
> 
> Hey guys, it would be more productive to have this discussion without
> the hyperbole and personal attacks (those just make your arguments easy
> to dismiss/ignore).
> 
> There are sections of each of your emails that are very healthy
> discussion points. Constructive criticism is good, but let's please not
> attack the work of other people trying very hard to solve a problem.
> 
> We all want better security, open standards, and massive adoption. Not
> all of us take the exact same path to get there, and that's okay.
> 
> We're a community of individuals working together to solve some of the
> toughest technical problems on the Web. We'll make faster progress by
> focusing on the technical issues as well as strategies for adoption.

Certainly. I am only asking that Harry stand up to the standards
required by W3C Staff, and not just make statements such as the following

>> There isn't such a thing really as 'trusted UI' that
>> users understand and there isn't a unified thing such as 'trusted storage.'

but actually point to evidence backing up that statement. 

Given that this is such an important sticking point, it seems that 
this will require a group to be formed to carefully go over the 
arguments in a principled manner. Somewhat along the lines of what 
the W3C TAG is doing on client certificates

https://github.com/w3ctag/client-certificates

If these arguments have already been made, I'd like to see a conclusive
document regarding that. Pointers to e-mail threads won't do.

Henry


> 
> -- manu
> 
> -- 
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> JSON-LD Best Practice: Context Caching
> https://manu.sporny.org/2016/json-ld-context-caching/
>

Received on Saturday, 30 April 2016 13:39:46 UTC