Re: [rtcweb] IdP in RTCWeb

Harald Alvestrand <harald@alvestrand.no> Fri, 23 March 2012 11:22 UTC

On 03/22/2012 07:17 PM, Igor Faynberg wrote:
> Thanks! Now I understand.
>
> My only follow-up question (and that could probably wait until
> next week) is why not make the BrowserID certificate adhere to X.509. If
> we issue self-signed X.509 certificates ourselves, what is in the way
> of any IdP doing just that?
The BrowserID specification is the work item of a group that is entirely 
outside of this group.
You can certainly go there (browserid.org) to argue that they should 
change to X.509 certificates, but we can't decide in the RTCWEB WG that 
they should change.

>
> Igor
>
> On 3/22/2012 1:53 PM, Eric Rescorla wrote:
>> Good question.
>>
>> 1. BrowserID certificates aren't X.509, and that's all the TLS/DTLS
>> will do.
>> 2. This lets us be agnostic about IdP mechanisms without having to
>> change TLS every time we add a new one.
>>
>> -Ekr
>>
>>
>> On Thu, Mar 22, 2012 at 6:22 PM, Igor Faynberg
>> <igor.faynberg@alcatel-lucent.com>  wrote:
>>> Eric,
>>>
>>> A question: For the case of BrowserID, I understand that a client
>>> gets a certificate from an IdP. If so, why would you and I not use the
>>> certificates from our respective IdPs in order to authenticate each
>>> other in DTLS?
>>>
>>> Igor
>>>