<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";
        color:black;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.EmailStyle17
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
        {page:Section1;}
-->
</style>
</head>
<body bgcolor=white lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The vast majority of certs issued on the internet are
self-signed or self-rooted. I suspect these days more SSL happens in a way that
has no UI than happens in a browser, with https URI namespace controls.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The good news in websso space is that there are 2 main competitors:
SAML and OpenID. If OpenID becomes a TTP culture run by 10 large mega-OPs,
SAML will take the peer-peer space. Though SAML started life as the multi-million
dollar federation, it's rapidly heading towards peer-peer (with lots of
self-root cert chains, and RP-based OCSP validation servers) – following in
the footsteps of PKI. OpenID on the other hand started peer/peer, and is rapidly
heading into the TTP space (where I suspect its founders wanted it all along).<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> general-bounces@openid.net
[mailto:general-bounces@openid.net] <b>On Behalf Of </b>Eddy Nigg (StartCom
Ltd.)<br>
<b>Sent:</b> Friday, March 20, 2009 2:29 PM<br>
<b>To:</b> SitG Admin<br>
<b>Cc:</b> general@openid.net<br>
<b>Subject:</b> Re: [OpenID] Fwd: [OpenID Foundation] New Poll Opened<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>On 03/20/2009 10:35 PM, SitG Admin: <o:p></o:p></p>
<blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'>
<p class=MsoNormal>I think - with or without costs - this is what's expected
from certification authorities. <o:p></o:p></p>
</blockquote>
<p class=MsoNormal><br>
Why? <o:p></o:p></p>
<p class=MsoNormal><br>
Well, we have been through this already, haven't we...<br>
<br>
Nevertheless, certification authorities are certifying all kinds of things,
ideally they certify people and organizations. That's what they were all about
in the beginning. These days it's not exactly like this anymore...<br>
<br>
<br>
<o:p></o:p></p>
<p class=MsoNormal>I didn't intend it to be an analogy to SSL certificates,
just the idea that if costs aren't monetary they don't exist. Extending the
analogy in its intended direction, then, someone who enjoyed having sex and
didn't think twice about having it with newly met strangers wouldn't
necessarily see it as a cost, or even out of the ordinary for how they lived
their life (just as most people don't think of "giving their full name"
as a cost). <o:p></o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
:-)<br>
<br>
Neither is an identity disclosing requirement a cost - as long as the CA in
question doesn't profit from it. At least that's my opinion. If it's required
in order to govern a policy, it addresses a legitimate concern, and compliance
on the part of the recipient of a free service.<br>
<br>
Further to your analogy: In order to rent a hotel room you must usually deposit
a passport or other identifying document - at least you must present it
usually. If you have to pay for the room or not is not the scope of this
requirement.<br>
<br>
Of course there are hostels or other places to sleep which might not require
you to present your ID document, but I bet you'll have some cockroaches
sharing the room with you... <br>
<br>
This is the correct analogy, not doing favors. It's the rules which are
established in order to rent a room (without connection to the costs). Some
might give you the room for free - but will not remove the established rules
for getting one.<br>
<br>
<o:p></o:p></p>
<div>
<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0>
<tr>
<td colspan=2 style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Regards <o:p></o:p></p>
</td>
</tr>
<tr>
<td colspan=2 style='padding:0in 0in 0in 0in'>
<p class=MsoNormal> <o:p></o:p></p>
</td>
</tr>
<tr>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Signer: <o:p></o:p></p>
</td>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Eddy Nigg, <a href="http://www.startcom.org">StartCom Ltd.</a><o:p></o:p></p>
</td>
</tr>
<tr>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Jabber: <o:p></o:p></p>
</td>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a><o:p></o:p></p>
</td>
</tr>
<tr>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Blog: <o:p></o:p></p>
</td>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal><a href="http://blog.startcom.org">Join the Revolution!</a><o:p></o:p></p>
</td>
</tr>
<tr>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>Phone: <o:p></o:p></p>
</td>
<td style='padding:0in 0in 0in 0in'>
<p class=MsoNormal>+1.213.341.0390<o:p></o:p></p>
</td>
</tr>
<tr>
<td colspan=2 style='padding:0in 0in 0in 0in'>
<p class=MsoNormal> <o:p></o:p></p>
</td>
</tr>
</table>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</body>
</html>