Tyler Close wrote:
> On the client side, the "only" thing you need to do is add the HTTPY
> protocol handler, and a configuration dialog for setting up SLS
> servers. Theoretically, it should be easy to add this to Mozilla. I
> say theoretically, since I wonder if AOL might nix the idea. They
> nixed the "turn off banner ads" option, so nixing a "disintermediate
> Network Solutions and VeriSign" option might fit their profile.
> Getting the protocol handler added to IE might prove impossible, at
> least at first. I imagine there's some money flowing between MS and
> VeriSign. Perhaps getting it into Mozilla would be enough of a
> kick-start.
They can't nix a publicly available patch :-)
> Some open questions:
> --------------------
>
> 1. Has somebody already thought of this too? Are they doing anything
> about it?
Hashes for names are also used in distributed anonymous storage nets (e.g. Eternity and Freenet).
> 2. Are the acronyms already taken? Are they any good? I added 'Y' to
> HTTP because it sort of looks like the lambda in the Granovetter
> Diagram. Sorta makes it look like a 'HIPPY' URL too ;)
I'm pretty sure HTTPY is not taken. You probably should check IANA, though - hmmm ... or do W3C own the URI namespace?
> 3. I think I remember reading that most SSL implementations already
> have the logic for using the public key hash instead of a CA cert. Can
> anyone verify?
OpenSSL does. It uses a pretty trivial scheme: softlink a file with the hash as the name to the cert file.
> 4. Anybody know anybody on the Mozilla team?
I talk to them occasionally. "Know" may be too strong a word, though. :-)
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html