Re: Web ID as passwordless authentication for debian web services

Hi again. Russ Allbery writes: > Jonas Smedegaard writes: >> Quoting Russ Allbery (2013-05-16 19:57:59) > >>> Sure, but if you have control over the server certificate and are tying >>> the server certificate to the user certificate via some mechanism like >>> Monkeysphere, why do the whole ind

Re: Developer repositories for Debian

Hi. Sorry to be a bit late in the discussion. Russ Allbery writes: > > I'd never heard of WebID before this thread, but looking briefly at the > spec, I share Daniel's concerns. I don't see how this eliminates reliance > on the normal CAs. You still have to do certificate validation to be abl