On 16/05/13 16:42, Russ Allbery wrote: > In essence, [WebID] > moves the authentication problem from user authentication to > URI endpoint authentication, under the theory that we already know how to > validate URI endpoints and that such validation is an easier problem.
... or to look at it another way: it moves the authentication problem to URI endpoint authentication, because while we don't have a great solution for that either, it's a problem we need a solution for anyway in order to have secure websites, email, etc.? (Also, it does mean users in a shared domain don't have to interact with CAs individually.) Hopefully some combination of the CA cartel, DNSSEC/DANE, Sovereign Keys and/or Convergence will end up as a close enough approximation to a solution in a finite time... S -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5195024e.4090...@debian.org