
Upgrading the Web with Douglas Crockford @ FITC's Web Unleashed 2015


Presented at Web Unleashed on September 16-17, 2015 in Toronto, Canada
More info at www.fitc.ca/webu

Upgrading the Web
with Douglas Crockford

The web was originally imagined to be a simple distributed document retrieval system. It is now being used for applications that go far beyond the system’s original capabilities and intentions. We have found ways to make it work, but they are difficult and far too fragile. Many times companies have offered to replace the web with superior proprietary systems, but we rejected them. We have been adding features to the web, but this does little to correct the deep underlying deficiencies, increasing instead of reducing its complexity.

This talk suggests a way forward, taking inspiration from our successful transition from NTSC to HDTV. There is a way forward to a web that is safer, easier, and as good as we desire.


Upgrading the Web with Douglas Crockford @ FITC's Web Unleashed 2015

  1. Upgrading the Web: A Prospectus
  2. Apology
  3. The Web
  4. Security
  5. Passwords
  6. RFC 1738, December 1994: // user : password @ host : port / url-path. The use of URLs containing passwords that should be secret is clearly unwise.
  7. What’s wrong with the Web?
  8. What’s wrong with the Web? Insecure. Complex.
  9. HTTP: Key : value pairs; Negotiation; Request/response protocol
  10. DNS
  11. SSL
  12. Certificate Authorities
  13. HTML
  14. Templating
  15. Document Object Model
  16. CSS
  17. JavaScript
  18. Many Have Tried
     • Microsoft, Apple, Adobe, Oracle, many more.
     • In most cases, the technology was much better.
     • In most cases, the solution was not open.
     • There was no transition.
  19. Upgrade the Web. Keep the things it does well.
  20. HDTV
  21. Helper App
  22. Transition Plan
     • Convince one progressive browser maker to integrate.
     • Convince one secure site to require its customers to use that browser.
     • Risk mitigation will compel the other secure sites.
     • Competitive pressure will move the other browser makers.
     • The world will follow for improved security and faster application development.
     • Nothing breaks!
  23. Strong Cryptography
     • ECC 521
     • AES 256
     • SHA 3-256
  24. Zooko’s Triangle: Human Meaningful; Securely Unique; Global: Decentralized
  25. ECC521 public keys as unique identifiers
  26. Secure JSON over TCP
  27. web: publickey @ ipaddress / capability
  28. Trust Management: Petnames
  29. Vat
  30. Cooperation under mutual suspicion.
  31. JavaScript Message Server Qt
  32. The Old Web: Promiscuity. The New Web: Commitment.
  33. There’s nothing new here.
  34. In the meantime, keep doing what you’re doing.
  35. Hope
  36. KEEP CALM AND JS ON
