Re: Perceived issues with TLS Client Auth

On 9/27/12 5:47 AM, Henry Story wrote:
>>
>> Right - so the steps you missed are where the WebID profile gets 
>> updated to include the new key, and where joe.name <http://joe.name/> 
>> somehow (how?) decides that this WebID is allowed to log in...
>
> Because the new certificate I received from my server contains the 
> same WebID as the old certificate. The public key changed (and so the 
> certificate too of course) but the WebID remains the same :-)
>
> So for the same id, what remains the same across each certificate, in 
> whatever device it happens to be, is the Subject Alternative Name, the 
> URI that refers to me: the WebID.
>
> It is true that we don't talk about multiple certificates in the spec. 
> I was thinking it should be updated to show the same WebID can have 
> multiple public keys, and multiple associated certificates. This 
> discussion shows that this may need to be drawn out a lot more.

+1

-- 

Regards,

Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Thursday, 27 September 2012 11:56:25 UTC
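
The multi-key point in the quoted text, as an added example that is not part of the original message or of the WebID spec: a verifier accepts a certificate only if the profile at the WebID URI in its Subject Alternative Name lists the certificate's public key, so several devices or a rotated key can share one WebID. The URI, key values and function names are constructed for illustration, and fetching and parsing the profile is assumed to have happened already.

```python
# Added illustration of WebID-TLS key matching; not code from the thread.
from dataclasses import dataclass

@dataclass(frozen=True)
class RSAKey:
    modulus: int
    exponent: int

def parse_key(modulus_hex: str, exponent: int) -> RSAKey:
    """Normalise a hex modulus literal: whitespace, colons, case, leading zeros."""
    cleaned = "".join(ch for ch in modulus_hex if ch not in " \n\t:")
    return RSAKey(int(cleaned, 16), exponent)

# Constructed stand-in for dereferenced profiles: WebID URI -> set of listed keys.
# Real moduli are 2048 bits or more; these are shortened sample values.
PROFILES = {
    "https://joe.example/#me": {
        parse_key("00:c3:9a 51", 65537),  # key in the laptop certificate
        parse_key("B7F2 04D9", 65537),    # key in the phone certificate
    },
}

def verify_webid(san_uris, presented_key, profiles=PROFILES):
    """Return the WebID the client proved, or None.

    Assumes the TLS handshake already proved possession of the private key
    matching presented_key. The certificate issuer is not consulted: a claim
    is accepted only if the profile at the claimed URI lists this exact key.
    """
    for uri in san_uris:
        if presented_key in profiles.get(uri, set()):
            return uri
    return None

def rotate_key(profiles, webid, old, new):
    """Profile owner replaces one key; the WebID URI itself stays the same."""
    keys = set(profiles[webid])
    keys.discard(old)
    keys.add(new)
    return {**profiles, webid: keys}
```

A certificate that names this WebID but carries a key the profile does not list is rejected, which is also how removing a key from the profile cuts off a lost device.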