W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Re: WebID questions -- was: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME"

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Wed, 26 Sep 2012 13:10:56 -0400
Message-ID: <50633720.9030304@openlinksw.com>
To: Ben Laurie <benl@google.com>
CC: Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>, Andrei Sambra <andrei@fcns.eu>
On 9/26/12 11:48 AM, Ben Laurie wrote:
> No, the point you are missing is that in capabilities the_only_
> authority I need to access a resource is the name of that resource -
> the URI in your case.

You can seriously believe I am missing that point while also espousing 
the virtues of hyperlinks as denotation mechanisms for a global web of 
linked data. That doesn't compute. That's a contradiction.

> Security derives from the unforgeability of the
> URI, rather than an independent system that decides if some principal
> has permission.

Security is not derived from the persistence of a URI, its derived from 
the values exposed directly or indirectly via URI which logic handling 
routing. I can have many identifiers, but relationship semantics 
ultimately determine if I can access a resource at an address, directly 
or indirectly (i.e., name based indirection).

> The problem that best shows the critical difference betweens caps and
> ACLs is the confused deputy problem:
> http://en.wikipedia.org/wiki/Confused_deputy_problem.

Not at all!

I can sign claims about co-reference by name or value. That's why we 
have semantics for equivalence by name, ditto. inverse functionality. 
These matters have been long addressed in computer science. We are at a 
point where there is a ubiquitous Web that let's us reapply what already 
exists in newer and more profound context.

At this juncture, my position hasn't changed. You haven't introduced a 
new insight that incongruent with what's possible via the Web today.



Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Wednesday, 26 September 2012 17:11:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:35 UTC