W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

RE: slow down and organize

From: peter williams <home_pw@msn.com>
Date: Wed, 23 Feb 2011 10:17:25 -0800
Message-ID: <SNT143-ds98F094AAD6BDE11F3CB4792DB0@phx.gbl>
To: <nathan@webr3.org>, "'WebID XG'" <public-xg-webid@w3.org>
I'll take responsibility for the mail overload. Its solved perhaps by having
an open IRC session, that is not heavily minuted. As always, email is about

We cannot rearchitect internet security - and this seems the underlying
goal. It's not realistic. The mail overload on now many topics should have
shown that its not feasible - as there are 100+ topics more, yet. Effective
commodity internet security requires dominance of 12+ disciplines at 80%
competency - as 75,000 CISSP certified folks doing internet security every
day know.

What can W3C add TO internet security? Should be the posture.

Since the UCI element of openid is dead, W3C *can* resurrect the UCI
element. This is webbiness, at its core. Henry&others and Dan showed how
self-signed client certs plus HTML file with RDFa markup can do this. It's
better than basic auth over https, and about as (poorly) assured. Its
openid, but done with foaf file and digital id certs.

But we cannot agree to do just this. Folks tack on their favorite mission
(agents, formats, ssh (peter), srp, defeat X.509).

But it's an incubator. The goal is to define what W3C might add; but not
actually add it, yet

For my part, Ive listened to the topic list. I've moved back into
implementation mode, ensuring I have gnutls compiled under Cygwin for
windows (that allows me to experiment with the pgp certs, pgp fingerprints,
SRP ciphersuite, anonymous ciphersuites, etc). This done, Im 80% decided to
followup with java work on semweb specific features.

-----Original Message-----
From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
On Behalf Of Nathan
Sent: Wednesday, February 23, 2011 9:49 AM
To: WebID XG
Subject: slow down and organize

Hi All,

I admit it, I've lost track - to be honest I think almost everybody has, can
somebody who hasn't lost track write up a mail explaining where we are now?

I strongly feel we need to get a grip of the issues, group them together,
work out what's in scope and what's out of scope, focus on some things and
start getting a good sense of where we actually are, perhaps it's just me,
but really, at the moment I don't have a clue, it almost feels like we've
moved discussions in to re architecturing a huge chunk of internet security,
rather than WebID (which I've always taken to mean Web Identification / Web

There are currently 48 issues, and there is no order of precedence, no real
dependencies listed, and no kind of grouping. We need to sorth that.

Additionally, the volume of mail is such that I certainly can't keep up, and
when I try to half the mails make no sense as they're completely out of
context - my main worry is that I devote about 80 hours a week to the w3c
groups, and if I can't make head nor tail of it, how can anybody else?

Can we do something about this, either discuss on list or hold an interim
clean-up / focus meeting asap.


Received on Wednesday, 23 February 2011 18:18:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC