WebID-ISSUE-16: Easy cross-browser certificate transfer from WebID Incubator Group Issue Tracker on 2011-01-31 (public-xg-webid@w3.org from January 2011)

From: WebID Incubator Group Issue Tracker <sysbot+tracker@w3.org>
Date: Mon, 31 Jan 2011 17:01:05 +0000
To: public-xg-webid@w3.org
Message-Id: <E1Pjx7h-00014H-0V@lowblow.w3.org>

WebID-ISSUE-16: Easy cross-browser certificate transfer

http://www.w3.org/2005/Incubator/webid/track/issues/16

Raised by: Stéphane Corlosquet
On product: 

Issue raised by Manu Sporny at https://github.com/webid-community/webid-spec/issues#issue/4

One of the strongest arguments against technologies like WebID is the concern of transferring certificates from one browser to the next. There have been studies performed on this particular issue and both creating one-certificate-per-browser and having to copy certificates across browsers have been met with very strong usability concerns.

There is a protocol that has been outlined by Ben Laurie for storing private keys on remote servers:

http://www.links.org/files/nigori/nigori-protocol-01.html

We may want to consider inclusion of this technology into the specification as it would certainly make the Javascript implementations of WebID more attractive to those that have concerns about cross-browser certificate transfer.

Received on Monday, 31 January 2011 17:01:07 UTC