Re: future of Identity on the Web from Nathan on 2011-10-25 (public-xg-webid@w3.org from October 2011)

From: Nathan <nathan@webr3.org>
Date: Tue, 25 Oct 2011 09:51:14 +0100
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
CC: Henry Story <henry.story@bblfish.net>, WebID Incubator Group WG <public-xg-webid@w3.org>, public-identity@w3.org, Halpin Harry <hhalpin@w3.org>, Ben Adida <ben@adida.net>, Tim Berners-Lee <timbl@w3.org>
Message-ID: <4EA67882.1050502@webr3.org>

Hannes Tschofenig wrote:
> Hi Henry, Hi Harry, 
> 
> I may be completely misunderstanding the effort that Harry has put together with the W3C Web Identity charter 
> http://www.w3.org/2011/08/webidentity-charter.html
> but my understanding was that the work in that proposed group is focused on APIs (e.g., JavaScript) to allow the browser to access cryptographic functions and to indicate other security related state information to the browser. 

This was also my understanding, and was most glad to see it on a 
charter, as it's really needed and will expose a whole world of possible 
functionality for the (r/w) web :)

> This work can then be used by existing Web identity management protocols (like OpenID, OAuth, etc.). 
> 
> I get the impression that you believe the group will develop the identity management protocols themselves (such as the recently invented BrowserID solution). This is not the case and the charter needs to make this very clear. In fact, mentioning these solutions in the "Identity API" part of the charter writeup may lead to that confusion. 
> 
> I hope that this group will help the industry to improve currently deployed Web identity management solutions rather than creating even more solutions.
> 
> Ciao
> Hannes
> 
> On Oct 25, 2011, at 9:35 AM, Henry Story wrote:
> 
>> Dear Web Identity Groups, 
>>
>> Since both the community forming around the Web Identity javascript cryptography work [1] and the WebID XG are working in the same space, I propose that the two groups work out how these projects can complement each other, so that the W3C can tell a unified identity story. There is a lot in common between them - usage of cryptography in the browser and certificates to prove identity online - and it seems quite clear to me that both the existing WebID solution [2] and the in development version known as BrowserId can complement each other, in fact should as much as possible do so. This could then form the basis for a future WG starting 2012, split hopefully into a number of small independent and closely interrelated parts.
>>
>>   Henry
>>
>>
>> [1] http://www.w3.org/2011/08/webidentity-charter.html
>> [2] http://webid.info/spec/
>>
>> Social Web Architect
>> http://bblfish.net/
>>
>>
> 
> 
> 
>

Received on Tuesday, 25 October 2011 08:52:44 UTC