W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Re: WebID questions -- was: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME"

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Wed, 26 Sep 2012 18:43:49 -0400
Message-ID: <50638525.1020502@openlinksw.com>
To: Ben Laurie <benl@google.com>
CC: Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>, Andrei Sambra <andrei@fcns.eu>
On 9/26/12 5:18 PM, Ben Laurie wrote:
> On 26 September 2012 19:02, Henry Story <henry.story@bblfish.net> wrote:
>> On 26 Sep 2012, at 19:10, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>>
>>> On 9/26/12 11:48 AM, Ben Laurie wrote:
>>>> No, the point you are missing is that in capabilities the_only_
>>>> authority I need to access a resource is the name of that resource -
>>>> the URI in your case.
>>> You can seriously believe I am missing that point while also espousing the virtues of hyperlinks as denotation mechanisms for a global web of linked data. That doesn't compute. That's a contradiction.
>>>
>>>> Security derives from the unforgeability of the
>>>> URI, rather than an independent system that decides if some principal
>>>> has permission.
>>> Security is not derived from the persistence of a URI, its derived from the values exposed directly or indirectly via URI which logic handling routing. I can have many identifiers, but relationship semantics ultimately determine if I can access a resource at an address, directly or indirectly (i.e., name based indirection).
>> +1
>>
>> the idea of an unforgeable URI seems gobbledegook to me, frankly. When people spoke of unforgeable things they spoke of things like diamonds that could not be copied, swords that were made to such perfection that never could there be two identical versions of them, etc... A URI is by definition something that can be copied. In fact there is no way of telling of one URI is an original or another a copy!
> This is true, and is one reason it is hard to simulate capabilities using URIs.


How do you arrive at these conclusions? If you don't mind, have you 
taken a look at the Linked Data meme and what its about? How URIs 
resolve to structured data etc. Basically, you can denote anything 
entity using a URI. Even better is you take advantage of an HTTP URI 
since you have the power of indirection in play such that a denotation 
resolves to representation. A URI becomes an extremely powerful data 
source name that enables you work wonders with structured data. You can 
simulate all kinds of capabilities via URIs, the only limits are:

1. our imagination
2. our willingness to look at what Linked Data is really about -- forget 
any distracting political wars from the past, it's 2012, let start 
afresh re. AWWW and its capabilities.


>
>> The idea of unforgeable URIs, the idea of a web that cannot be linked, all of these ideas seem to be like weird beasts from a netherworld that nobody has ever heard of, a Medusa that turns all that look at her into stone.
> Not that cannot be linked, but that can only be linked by those you
> choose to allow to link. The same goal as ACLs, of course.
>
> But I should not have introduced the idea, it raises as many questions
> as it answers. Definitely a red herring. Apologies.
>
>
>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen







Received on Wednesday, 26 September 2012 22:44:14 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:40:59 UTC