W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Re: Perceived issues with TLS Client Auth

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 27 Sep 2012 07:55:59 -0400
Message-ID: <50643ECF.7030106@openlinksw.com>
To: Henry Story <henry.story@bblfish.net>
CC: Ben Laurie <benl@google.com>, Melvin Carvalho <melvincarvalho@gmail.com>, public-webid <public-webid@w3.org>
On 9/27/12 5:47 AM, Henry Story wrote:
>>
>> Right - so the steps you missed are where the WebID profile gets 
>> updated to include the new key, and where joe.name <http://joe.name/> 
>> somehow (how?) decides that this WebID is allowed to log in...
>
> Because the new certificate I received from my server, contains the 
> same WebID as the old certificate. The public key changed (and so  the 
> certificate too of course )  but the WebID remains the same :-)
>
> So for a same id, what remains the same across each certificate, in 
> whatever device it happens to be, is the Subject Alternative Name, the 
> URI that refers to me: the WebID.
>
> It is true that we don't talk about multiple certificates in the spec. 
> I was thinking it should be updated to show the same WebID can have 
> multiple public keys, and multiple associated certificates. This 
> discussion shows that this may need to be drawn out a lot more.
+1

-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen







Received on Thursday, 27 September 2012 11:56:25 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:40:59 UTC