W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: self-signed

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Mon, 18 Apr 2011 10:41:21 +0100
Cc: <public-xg-webid@w3.org>
Message-Id: <0E97B4C6-36B0-44AC-981A-3A65984807CD@bbc.co.uk>
To: "peter williams" <home_pw@msn.com>

On 15 Apr 2011, at 17:43, peter williams wrote:

> 1) from Joe, if you do you use any critical extensions, dear self-asserting
> user, you must know WHICH ones work at any one of a billion different
> resource servers, each one of which has different rules. If you use a
> third-party issued cert (which may WELL have said extensions), things get no
> better. This is what killed client cert adoption, for 15 years (in my view).

What killed cert adoption [outside of the corporate space] is the poor UI and deeply hierarchical trust model. Critical extensions are barely a drop in the ocean in comparison.


Mo McRoberts - Data Analyst - Digital Public Space,
Zone 1.08, BBC Scotland, 40 Pacific Quay, Glasgow G51 1DA,
Room 7066, BBC Television Centre, London W12 7RJ,
0141 422 6036 (Internal: 01-26036) - PGP key 0x663E2B4A

This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.
Received on Monday, 18 April 2011 09:41:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC