- From: Ben Adida <ben@adida.net>
- Date: Sat, 16 Jul 2011 16:43:18 -0700
- To: Peter <home_pw@msn.com>
- CC: Kingsley Idehen <kidehen@openlinksw.com>, Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
On 7/16/11 3:44 PM, Peter wrote: > Lots of myths being restated (rsa is CPU bound, ssl is hard on > servers, crl caching is hard (whereas a trillion web page caches are > not). I said none of those things. The only item that resembles something I said is "ssl is hard on servers." If you read the full message, you'll see that I'm talking about having client-side certs carried through all the way to the application layer code. It's hard because of the abstraction layers that exist in many practical deployments. It's the same reason that Digest Auth has been so tough for most applications to deploy. Btw, if you have a revocation solution that solves the privacy problem in a federated system *and* the failure condition model, I'd love to hear about it. -Ben
Received on Saturday, 16 July 2011 23:43:52 UTC