On Tue, Mar 01, 2011 at 01:42:33PM -0500, Daniel Kahn Gillmor wrote:
On 03/01/2011 01:34 PM, Jonas Smedegaard wrote:Without plauing with it yet myself, I blindly assumed Monkeysphere was usable for exactly this: use GPG web of trust to assure certificates.yes, this is exactly the use case (though i'd call it the OpenPGP web of trust, if you want terminology nit-picking)more specifically: TLS allows for RESTful secure identity handling - which helps save bandwidth as is is friendly to proxies and other caching.note: TLS can be done without X.509. the two are separable: https://tools.ietf.org/html/rfc6091(whether RFC 6091 is the way to go, or whether we should take the X.509-cert-as-dummy-public-key-carrier approach is a separate question)
Skimming first parts for RFC6091 it seems to me that it current mainstream web browsers cannot access a website assured using that protocol. Is that correct?
Could I persuade you to have a look at http://www.w3.org/wiki/WebID and say if that seems feasable to integrate with MonkeySphere?
- Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: Digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
