Re: WebCrypto - In "progress" since 2012 from Timothy Holborn on 2016-04-30 (public-webpayments@w3.org from April 2016)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Sat, 30 Apr 2016 13:45:40 +0000
To: Henry Story <henry.story@bblfish.net>, Manu Sporny <msporny@digitalbazaar.com>
Cc: public-webpayments@w3.org
Message-ID: <CAM1Sok0gi3ufVTxQvK+x8GjECitrWrW2GhFHyHhU9ML7LHjTMA@mail.gmail.com>

If it doesn't work then it's bigger than the concepts supported by existing
browsers.

IMHO it's a bit like saying the means of trade is broken because a few
card-providers refuse to 'do the right thing'.  Doesn't mean finance is
dead; and in this way, i hope we mean we don't mean to break WWW due to a
few actors doing things that are solely in their own interests.

that said - the problem is a human problem not one that is about the tool
involved in harm.  much like a gun or nuclear technology; can be used for
medicine or something else.  We've just got a lack of options atm?

how do we fix that...

TimH.

On Sat, 30 Apr 2016 at 23:42 Henry Story <henry.story@bblfish.net> wrote:

>
> > On 30 Apr 2016, at 14:11, Manu Sporny <msporny@digitalbazaar.com> wrote:
> >
> > On 04/19/2016 01:30 AM, Anders Rundgren wrote:
> >> WebCrypto - In "progress" since 2012 ... and still no interoperable
> >> standard.
> >
> > On 04/30/2016 12:34 AM, Harry Halpin wrote:
> >> For example, your WebPKI work to reproduce PKI in XML has, I believe,
> >> zero adoption.
> >
> > On 04/30/2016 04:08 AM, Henry Story wrote:
> >> Harry is actually acting as a conceptual guard placed in front of a
> >> conceptual door.
> >
> > Hey guys, it would be more productive to have this discussion without
> > the hyperbole and personal attacks (those just make your arguments easy
> > to dismiss/ignore).
> >
> > There are sections of each of your emails that are very healthy
> > discussion points. Constructive criticism is good, but let's please not
> > attack the work of other people trying very hard to solve a problem.
> >
> > We all want better security, open standards, and massive adoption. Not
> > all of us take the exact same path to get there, and that's okay.
> >
> > We're a community of individuals working together to solve some of the
> > toughest technical problems on the Web. We'll make faster progress by
> > focusing on the technical issues as well as strategies for adoption.
>
> Certainly. I am only asking that Harry stand up to the standards
> required by W3C Staff, and not just make statements such as the following
>
> >> There isn't such a thing really as 'trusted UI' that
> >> users understand and there isn't a unified thing such as 'trusted
> storage.'
>
> but actually point to evidence backing up that statement.
>
> Given that this is such an important sticking point, it seems that
> this will require a group to be formed to carefully go over the
> arguments in a principled manner. Somewhat along the lines of what
> the W3C TAG is doing on client certificates
>
> https://github.com/w3ctag/client-certificates
>
> If these arguments have already been made, I'd like to see a conclusive
> document regarding that. Pointers to e-mail threads won't do.
>
> Henry
>
>
> >
> > -- manu
> >
> > --
> > Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> > Founder/CEO - Digital Bazaar, Inc.
> > JSON-LD Best Practice: Context Caching
> > https://manu.sporny.org/2016/json-ld-context-caching/
> >
>
>
>

Received on Saturday, 30 April 2016 13:46:17 UTC