[Freedombox-discuss] my summary of yesterday's Hackfest
On Tue, Mar 01, 2011 at 01:42:33PM -0500, Daniel Kahn Gillmor wrote:
>On 03/01/2011 01:34 PM, Jonas Smedegaard wrote:
>> Without plauing with it yet myself, I blindly assumed Monkeysphere
>> was usable for exactly this: use GPG web of trust to assure
>> certificates.
>
>yes, this is exactly the use case (though i'd call it the OpenPGP web
>of trust, if you want terminology nit-picking)
>
>> more specifically: TLS allows for RESTful secure identity handling -
>> which helps save bandwidth as is is friendly to proxies and other
>> caching.
>
>note: TLS can be done without X.509. the two are separable:
>
> https://tools.ietf.org/html/rfc6091
>
>(whether RFC 6091 is the way to go, or whether we should take the
>X.509-cert-as-dummy-public-key-carrier approach is a separate question)
Skimming first parts for RFC6091 it seems to me that it current
mainstream web browsers cannot access a website assured using that
protocol. Is that correct?
Could I persuade you to have a look at http://www.w3.org/wiki/WebID and
say if that seems feasable to integrate with MonkeySphere?
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110301/c84b5527/attachment.pgp>
Reply to: