On Wednesday 23 September 2015 19:01:17 Brad Hill wrote: > But here we are, in 2015, and Identity is still the White Whale of the Web.
This in itself is shows a really fundamental difference in the understanding of identity, its social functions and the expectations attached to it. BTW, in a project we implemented the chaum credentials for age verification and other anonymous credentials (with IBM, MS, SAP and others). People were interested. There were IPR issues in the way. And the believe of many web actors that knowing somebody's name, having a profile, having a "identity" equals "trust" needed for ecommerce. So "browser makers" were not interested because it wasn't a mainstream thought. Arguing Zeitgeist doesn't mean the Zeitgeist is right or that the Zeitgeist can't change. And only because the current browser makers believe that SOP is the only way to scope a credential or token doesn't mean it is really the only way. It just means that it is more difficult to get implementation if a viable solution is found. We had that for over 10 years with Microsoft pouting CSS, isn't it? So arguing a dichotomy isn't helping IMHO. But of course I hear your warnings about past mistakes and I still feel my own defeats in the EU electronic signature circus where I failed to convince others that their HIGH security requirements will not work with Web integration. What I want is a real discussion and not just the throwing of drop-dead-arguments. --Rigo
signature.asc
Description: This is a digitally signed message part.
