2012/11/21 Martin Paljak <mar...@martinpaljak.net>: > On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren > <anders.rundg...@telia.com> wrote: > >> Another hurdle is that the GP security model is incompatible with the >> Internet: GP presumes mutual authentication AFAIK. This is how the >> Google Wallet currently works (Google holds the master keys to the SE) >> but that's not really cutting it. > > I don't believe that the industry players would want to give up their > current position easily. > Appstores (authority over what can be installed without hurdles), keys > to the empire (GP-style approach) or monetary gatekeepers (who can > charge a certain % for what is happening in their gardens) make money. > Telcos would prefer to kill data based instant messaging providers > without hesitation, if they could - SMS makes golden eggs...
are you sure that is still the case? SMS flat is down to 5€/month over here. and I use google talk all the time instead of SMS, unless it is someone who doesn't have an android phone. > Interenet as an ideal is one thing, "business as usual" must still > live on, unfortunately. thats a bit harsh I think - its not like the mobile carriers e.g. aren't trying to sell payment systems on top of their infrastructure or similar, but at the end it doesn't gain wide acceptance it seems. maybe too expensive? also for them change is very expensive - their equipment is certified and expensive, and any additional feature might require an upgrade to new equipment with expensive addons in the software/hardware. plus they have a huge amount of equipment so any change affects a lot of parts. no wonder the mobile carriers think change is expensive. still they change when necessary, e.g. to adapt to new speeds/tech like LTE, but in that case they know that everyone left behind will likely die soon, and that the quality level on their network will only get worse with the explosion of mobile data usage. I cannot comment on many things discussed here, but as someone living in an SSO world, where I have one place to authenticate, and every app I use gets the authentication from that central place via OAuth: that is real nice. Thus my personal goal would be no longer to be able to get many credentials from many places, but only to handle one credentials with one service on the other side, and handle that very, very well. every other place can use OAuth with that central place. (remember how I opposed using openid in the past? seeing how nice it is to have such infrastructure changed my view on that....) Regards, Andreas > > Martin > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel