Upgrading the WebA Prospectus

Apology

The Web

Security

Passwords

RFC 1738December 1994

// user : password @ host : port / url-pathThe use of URLs containing passwords that should be secret is clearly unwise.

What’s wrong with the Web?

What’s wrong with the Web?

InsecureComplex

HTTP

Key : value pairsNegotiation

Request/response protocol

DNS

SSL

Certicate Authorities

HTML

Templating

Document Object Model

CSS

JavaScript

Many Have Tried•Microsoft, Apple, Adobe, Oracle, many more.• In most cases, the technology was much better.• In most cases, the solution was not open.•There was no transition.

Upgrade the Web.

Keep the things it does well.

HDTV

Helper App

Transition Plan•Convince one progressive browser maker to integrate.•Convince one secure site to require its customers to use that browser.•Risk mitigation will compel the other secure sites.•Competitive pressure will move the other browser makers.• The world will follow for improved security and faster application development.•Nothing breaks!

Strong Cryptography•ECC 521•AES 256•SHA 3-256

Zooko’s Triangle

HumanMeaningful

Securely Unique

Global:Decentralized

ECC521 public keys as unique identifiers

Secure JSON over TCP

web: publickey @ ipaddress / capability

Trust Management

Petnames

Vat

Cooperation under mutual suspicion.

JavaScript

Message Server

Qt

The Old Web: Promiscuity

The New Web: Commitment

There’s nothing new here.

In the meantime,keep doing what you’re doing.

Hope

KEEPCALM

AND

JSON