- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Sat, 7 Jan 2012 21:34:18 +0100
- To: Peter Williams <home_pw@msn.com>
- Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
On 7 January 2012 19:51, Peter Williams <home_pw@msn.com> wrote: > Your innovating again. Trying to change the space. That contrasts with my > model (use what's there, at tiny extra cost). SOme happy medium has to > emerge I(with a promise that the cycle repeats) > > Its hard. Which is just more enabling? > > 1. make the older client cert stuff work in the old client/server browser > with vendor-controlled crypto, but done right for late-stage usage patterns > of 20 years old stuff > > 2. take the new pipe with user controlled javascript crypto, and dump > client/server for secure signalling. > > Does one leap 4 bridges or 2. Can the tanks really keep up with the elite > parachutists, as they lumber along through the mud? I already use a browser (dooble with interface plugin) that is a full duplex server ... it encrypts chat in realtime using the key in my WebID. I can even play an encrypted game of chess using that key, with more features coming soon. It's not a mainstream use of PKI, but it works today and my hope is that one day it will be. That's what I think will be the game changer ... but there's lots of dots to join on the way ... > > ONe of my parents tells a story of a high power scientist innovating with > PVC, for tank electrics. Took them to Libya, and they didnt work reliably. > Noone knew the UV destroyed PVC (until you pigment it with 1c worth of > filler). All worked reliably in cloud cast England. > > > > > > > >> Date: Sat, 7 Jan 2012 18:01:46 +0100 >> Subject: Re: wot won Thing, asked W3C Identity Conference >> From: melvincarvalho@gmail.com >> To: home_pw@msn.com >> CC: public-xg-webid@w3.org > >> >> On 7 January 2012 17:38, Peter Williams <home_pw@msn.com> wrote: >> > The identity conference hosted by W3C aksed folks to state one thing >> > that >> > could be done by all browser manufacturers, that makes a difference. The >> > difference doesnt have to save this world. It just has to remove a >> > disabling >> > barrier. >> > >> > For me, its for ALL mainstream browsers to have something similar to >> > that >> > provided in IE8+: the "New Session" menu item. This is that which, in >> > the >> > SSL world, allows me to stay on the same site (e.g. WebID Realm) and >> > change >> > client certificate, without exiting the browser. (It may have other >> > properties related to pseudo-privacy, too) >> > >> > With all mainstream browser others than IE8+, I have to exit the browser >> > to >> > use a differnt persona (and even all instances of the process, in some >> > of >> > the worst cases). >> > >> > With New Session I dont. I get a new brower window (with new tab set), >> > enabled with new SSL client authn. >> > >> > This is worth having universally. WebID depends on it, I'd counsel. >> >> IMHO the biggest game changer would be for browsers to become full >> duplex, rather than client-server. >> >> Identity (eg webid) and HTML can play a role in that. There's a few >> early prototypes out there already ... hopefully that's the direction >> things will go to make the web more of the read/write P2P distributed >> storage system that was originally envisaged. >> >> > >> > The second thing is ... almost equally useful. But, Im not allowed two >> > wishes.
Received on Saturday, 7 January 2012 20:34:45 UTC