📅 Original date posted:2013-08-09
📝 Original message:>
> Bitcoin sought to reduce dependence on trusted third parties, where as,
> persona is increasing the reach of trusted third parties. The keys and
> passwords are stored on mozilla's servers, sometimes on your email
> providers. Persona, is however, a progression and will hopefully improve
> its security and decentralization as it goes along.
>
When Persona is supported by all the key players in a transaction Mozilla
doesn't get anything, do they? You can easily run your own IDP on a
personal server if you're the kind of person who likes to do that, then run
Firefox so you have a native implementation and the Mozilla servers aren't
involved. The keys never leave your computers.
Whilst X.509 certs can indeed be issued for any arbitrary string, you still
need a CA that will do it for you, and that's typically not so trivial. CAs
aren't meant for widespread end user adoption, really, whereas Persona is.
I don't think Persona is any more or less centralised than other PKIs,
really, just easier to use. Ultimately the string you're verifying is a
user at host pair, so the host is centralised via DNS and to verify the
assertions it vends, you must use SSL to connect to it, so under the hood
the regular SSL PKI is still there.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130809/f9d1ac67/attachment.html>;
Mike Hearn [ARCHIVE] /
npub17t…4qgyd
2023-06-07 15:05:45
in reply to nevent1q…a2xm
Author Public Key
npub17ty4mumkv43w8wtt0xsz2jypck0gvw0j8xrcg6tpea25z2nh7meqf4qgydPublished at
2023-06-07 15:05:45Event JSON
{
"id": "4df4dff9c4174ef7a88dd9e89bc9e10b0219add8dca10a1064e5d1456945bc48",
"pubkey": "f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2",
"created_at": 1686150345,
"kind": 1,
"tags": [
[
"e",
"f3ae186e8223c167a44d4fe5fb8d14e50a311a37a9b6f42f94ba5c3fade227a9",
"",
"root"
],
[
"e",
"b3ee900906ea27fd96de91492060c937aa9678b25f9419b0273ea0d2132db87a",
"",
"reply"
],
[
"p",
"e316966328c4cb66c34719ef9a7b3bc54ef601663ad4ab06185991237735aa19"
]
],
"content": "📅 Original date posted:2013-08-09\n📝 Original message:\u003e\n\u003e Bitcoin sought to reduce dependence on trusted third parties, where as,\n\u003e persona is increasing the reach of trusted third parties. The keys and\n\u003e passwords are stored on mozilla's servers, sometimes on your email\n\u003e providers. Persona, is however, a progression and will hopefully improve\n\u003e its security and decentralization as it goes along.\n\u003e\n\nWhen Persona is supported by all the key players in a transaction Mozilla\ndoesn't get anything, do they? You can easily run your own IDP on a\npersonal server if you're the kind of person who likes to do that, then run\nFirefox so you have a native implementation and the Mozilla servers aren't\ninvolved. The keys never leave your computers.\n\nWhilst X.509 certs can indeed be issued for any arbitrary string, you still\nneed a CA that will do it for you, and that's typically not so trivial. CAs\naren't meant for widespread end user adoption, really, whereas Persona is.\n\nI don't think Persona is any more or less centralised than other PKIs,\nreally, just easier to use. Ultimately the string you're verifying is a\nuser at host pair, so the host is centralised via DNS and to verify the\nassertions it vends, you must use SSL to connect to it, so under the hood\nthe regular SSL PKI is still there.\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130809/f9d1ac67/attachment.html\u003e",
"sig": "0dd2834e87be40cff9275838fcc0c51f499357a6bebca76601cbd5b9aad0599053e0489a47b657b9ec6ec4c84e8a3203f1b6fda1f29cc1df8d734a3bf29f3f45"
}