- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Sat, 16 Jul 2011 17:17:28 +0100
- To: Ben Adida <ben@adida.net>
- CC: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
On 7/16/11 6:09 AM, Ben Adida wrote: > I disagree. The server-side component can be quite gnarly. Have you > investigated how this works if you use an SSL accelerator? If you use > Amazon EC2's SSL load balancer? My sense is the abstraction layers get > very gnarly. > > Plus, what do you do for short-lived certs? We don't want to deal with > revocation. User logs into IdP provided data space and deletes their problematic public keys. What happens when someone steals a PC/Laptop/Tablet with the private key associated with the public key in a BrowserID scenario? The statement above tells you what can happen re. WebID. Re. BrowserID is the mailto: URI to public key relation 1:1 or 1:N ? This too has implications. > Can you trigger cert re-generation automatically and silently? I don't > think so. Of course! -- Regards, Kingsley Idehen President& CEO OpenLink Software Web: http://www.openlinksw.com Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca: kidehen
Received on Saturday, 16 July 2011 16:17:54 UTC