Re: WebID-ISSUE-16: Easy cross-browser certificate transfer from Stéphane Corlosquet on 2011-01-31 (public-xg-webid@w3.org from January 2011)

From: Stéphane Corlosquet <scorlosquet@gmail.com>
Date: Mon, 31 Jan 2011 12:08:56 -0500
To: WebID Incubator Group WG <public-xg-webid@w3.org>
Message-ID: <AANLkTi=H=pYrYETpJDN9=CsHxGzEWRfD4FoPb1kctPT9@mail.gmail.com>

There's been a lengthy discussion on this topic in this thread:
"[foaf-protocols] Some basic questions prior to development ?"

http://lists.foaf-project.org/pipermail/foaf-protocols/2010-May/002306.html

Steph.

On Mon, Jan 31, 2011 at 12:01 PM, WebID Incubator Group Issue Tracker <
sysbot+tracker@w3.org <sysbot%2Btracker@w3.org>> wrote:

>
> WebID-ISSUE-16: Easy cross-browser certificate transfer
>
> http://www.w3.org/2005/Incubator/webid/track/issues/16
>
> Raised by: Stéphane Corlosquet
> On product:
>
> Issue raised by Manu Sporny at
> https://github.com/webid-community/webid-spec/issues#issue/4
>
> One of the strongest arguments against technologies like WebID is the
> concern of transferring certificates from one browser to the next. There
> have been studies performed on this particular issue and both creating
> one-certificate-per-browser and having to copy certificates across browsers
> have been met with very strong usability concerns.
>
> There is a protocol that has been outlined by Ben Laurie for storing
> private keys on remote servers:
>
> http://www.links.org/files/nigori/nigori-protocol-01.html
>
> We may want to consider inclusion of this technology into the specification
> as it would certainly make the Javascript implementations of WebID more
> attractive to those that have concerns about cross-browser certificate
> transfer.
>
>
>
>
>

Received on Monday, 31 January 2011 17:09:44 UTC