RE: Browser ID

ok. I've done so. Let's see what the thought train is in the Mozilla world.

The last time I had anything to do with Mozilla it was called Netscape Navigator, and the SSL team there was split between folks doing browsers, folks doing servers (distinguishing https from nttps), and folks doing crypto APIs at the best of US DoD. In all cases, the engineering was about doing as little as possible, and only taking the simplest cases from the X.509 key management standards. Thus the platform really never matured - outside the DoD hooks to use CRMF for certified key management (rather than using HTML keygen) and work with Fortezza/CAC-smartcard integration - hoping rather than nature of the problem at scale would evolve to require the lowest 20% of the technology. The nature of Cryptopolitics is such that it's hard to find the sweet spot in the bottom end of the range of what the crypto/keying/ssl-ciphersuite technology can do.

It occurs to me that BrowserID could really benefit from re-introduction into browser SSL of the "RSA ephemeral" ciphersuite (which provides client side ephemerals that can do proper "temporary validity statementing"). This ciphersuite died, once DoD decided - in the days when DoD was responsible for internet/web "leadership" in comms/crypto - that it didn't "suit" the national need. The vendors on DoD payroll dutifully agreed, of course.

Not sure I'll do well on a Mozilla list, with these attitudes. But let's see how much independence of thought there is. There is plenty of autonomy from such doctrines here (and perhaps too much, even, where one must at the END of the day aim to find a middle ground - one that doesn't just "alienate" the interests behind DoD doctrines concerning national/transnational-scale key management)

> Date: Sun, 17 Jul 2011 11:20:53 -0700
> From: ben@adida.net
> To: home_pw@msn.com
> CC: kidehen@openlinksw.com; henry.story@bblfish.net; public-xg-webid@w3.org
> Subject: Re: Browser ID
> 
> On 7/17/11 8:06 AM, Peter Williams wrote:
> >
> > I don't need to solve what this group is not about. It's about taking TLS
> > more or less as is, warts and all, and tweaking at most 1% of it so that
> > the semantic web can then bring all its value to bear. I leave it to my
> > colleagues to prove that the semantic web does what it professes (since
> > I'm a skeptic, but one willing to be converted).
> 
> OK, fair enough. I just want to point out that I was pulled into this 
> mailing list, not the other way around :)
> 
> So, let's bring this discussion to where it makes more sense: come to 
> https://lists.mozilla.org/listinfo/dev-identity
> 
> -Ben
> 
 		 	   		  

Received on Sunday, 17 July 2011 21:38:50 UTC