On 12 Feb 2011, at 10:45, Henry Story wrote: > On 12 Feb 2011, at 02:24, peter williams wrote: > >> Define a new cert-type like PGP did (hello extension..) > > Could be useful, but clearly independent of the UI issue. There would be a big format war to decide there, and it's not clear what the advantage is going to be, apart from reduction of bugs due to ASN.1 parsing problems. So here I think there needs to be a lot more work done finding the benefits. My guess is that this should be done after wide deployment of WebID, because then the advantages of what should go into such a certificate will be a lot more obvious. Much more important than cert-type in my view will be implementation of the results of the IETF keyassure group in the browser. See their first draft: http://tools.ietf.org/html/draft-ietf-dane-protocol-04 That will make it much easier to deploy https on the server, and have a lot of other security advantages, that will be obvious to browser vendors quite apart from the needs of WebID. HenryReceived on Saturday, 12 February 2011 10:09:26 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:41 UTC