Re: Browser UI & privacy - a discussion with Ben Laurie

On 10/5/12 12:37 PM, Henry Story wrote:
>   C. It would not be problematic to enhance WebID so that a 
> certificate be verified by checking the signature of the issuer
That's already achievable via an ACL. I don't need a specific protocol 
to determine the nature of my ACL or data access policies. Right now, I 
have the option to use conventional certificate signature verification 
in conjunction with the webid <-> public key relationship. The same 
applies to other factors such as a certificates fingerprint.

At times, we get a little confused about WebID (a specific protocol), 
graphs, logic, and the data access rules/policies. When all is said an 
done, WebID is just about exploiting the ingenuity of URIs due to the 
fact that you can place said URIs in X.509 certificates. URIs add the 
power of indirection to the mix, and via Linked Data principles a URI 
resolves to an entity relationship graphs endowed with explicit or 
implicit entity relationship semantics.

Someday, I hope to understand why the virtues of this reality 
(accentuated by the ubiquitous World Wide Web) is all so complex, can't 
we all just get along?  I believe we are all seeking a solution to the 
Web-scale verifiable identity problem, one that is ultimately grounded 
in logic and semantics rather than any particular data representation 
format :-)

-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Friday, 5 October 2012 16:56:23 UTC