W3C home > Mailing lists > Public > public-identity@w3.org > October 2011

Re: future of Identity on the Web

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 26 Oct 2011 23:02:40 +0200
Cc: Harry Halpin <hhalpin@w3.org>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, Ben Adida <ben@adida.net>, Dan Brickley <danbri@danbri.org>, public-identity@w3.org, Tim Berners-Lee <timbl@w3.org>
Message-Id: <F503FD59-0924-436C-8AF5-D63C8CC4B33B@bblfish.net>
To: Melvin Carvalho <melvincarvalho@gmail.com>

On 26 Oct 2011, at 22:19, Melvin Carvalho wrote:

> To my mind the term WebID (perhaps aka Web Identifier) is simply
> representing identity in terms of a URI.
> 
> I can this of 3 ways immediately:
> 
> 1. http://  (e.g FOAF)
> 2. mailto: (e.g. Email)
> 3. acct: (e.g. Webfinger)
> 
> In future there may be many more concepts, including the special case
> of anonymous browsing.
> 
> "The WebID Protocol" is a neat system that ties (1) to an X.509 cert.
> It's a working example of authentication with a URI and using PKI.
> Perhaps this is something that can be made clearer in the WebID spec

Yes, though of course we do want to be more generic than just (1) in the WebID XG. (I think a few people have implemented WebFinger resolution of e-mail already) We just started where it was easiest to document, and I thought we should have some test suites together before moving to all the other protocols, just so that we can make sure we have some agreement.

I like the way browserid uses the Issuer to prove the e-mail id. We were wondering how we could use the IAN in x509 certificates in a good way.

So yes these are all identity systems, they use crypto to tie an identifier to a user.

Henry

Social Web Architect
http://bblfish.net/
Received on Wednesday, 26 October 2011 21:03:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 26 October 2011 21:03:12 GMT