W3C home > Mailing lists > Public > public-xg-webid@w3.org > July 2011

Re: Browser ID

From: Ben Adida <ben@adida.net>
Date: Sat, 16 Jul 2011 16:43:18 -0700
Message-ID: <4E222216.7080301@adida.net>
To: Peter <home_pw@msn.com>
CC: Kingsley Idehen <kidehen@openlinksw.com>, Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
On 7/16/11 3:44 PM, Peter wrote:
> Lots of myths being restated (rsa is CPU bound, ssl is hard on
> servers, crl caching is hard (whereas a trillion web page caches are
> not).

I said none of those things.

The only item that resembles something I said is "ssl is hard on 
servers." If you read the full message, you'll see that I'm talking 
about having client-side certs carried through all the way to the 
application layer code. It's hard because of the abstraction layers that 
exist in many practical deployments. It's the same reason that Digest 
Auth has been so tough for most applications to deploy.

Btw, if you have a revocation solution that solves the privacy problem 
in a federated system *and* the failure condition model, I'd love to 
hear about it.

Received on Saturday, 16 July 2011 23:43:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:45 UTC