Re: Adding a pointer to a WebID in a GPG pubkey from Melvin Carvalho on 2013-08-27 (public-webid@w3.org from August 2013)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 27 Aug 2013 19:58:43 +0200
To: Olivier Berger <olivier.berger@telecom-sudparis.eu>
Cc: public-webid <public-webid@w3.org>
Message-ID: <CAKaEYhKxMFd76DsRd0CXTHif9_cVQft6Creyp1Fxpfa00ty-hQ@mail.gmail.com>

On 27 August 2013 17:13, Olivier Berger
<olivier.berger@telecom-sudparis.eu>wrote:

> Hi.
>
> I've been discussing web of trust with Andrei and others, in the context
> of the Debian project, which already relies a lot on the GPG/OpenPGP web
> of trust.
>
> So I've been wondering how to add a WebID pointer in a pubkey. However,
> there doesn't seem to be some easily manageable way to add RDF to a key
> (or at least I didn't discover it)... and I thought that a QR code as a
> photo ID in the pubkey could be something to test out.
>
> So I've played a bit with the script below, and produced a QR code JPEG
> that I added to my key. See my pubkey at [0].
>
> Once decoded, it provides with a basic triple :
>  <> <http://xmlns.com/wot/0.1/identity> <
> http://www-public.telecom-sudparis.eu/~berger_o/foaf.rdf#me>
>
> Maybe there would be a better way to encode this... or another ontology
> ?
>
> In reverse, my WebID points to the pubkey.
>
>
> The script :
>
>  webid=http://www-public.telecom-sudparis.eu/~berger_o/foaf.rdf#me
>  echo '<> <http://xmlns.com/wot/0.1/identity> <'$webid'>' | qrencode -t
> EPS -o webid.eps
>  #convert -verbose -monochrome -define jpeg:extent=1kb -strip -set comment
> "WebID link as RDF" webid.eps webid.jpg
>  convert -monochrome -quality "5%" -strip -set comment "WebID link as RDF"
> webid.eps webid.jpg
>
> Note that using 5% quality seemed to allow the qr code to be decoded by
> zbarimg, while producing a JPEG image small enough for GPG to add it
> without complaining on the file size. YMMV.
>
>
> Would this be an interesting step to promote WebID, by taking adventage
> of the existing GPG web of trust ?
>

Does GPG "certificate" allow you to link to a URL anywhere?  I think the
keyserver field might allow an HTTP URL.

I've seen people tag a URL on the end of a PEM encoded key, but it's not
exactly standard.

My avatar in facebook contains a QR code pointer to my homepage (which
contains my key)

Is there anything the equivalent of subjectAlternativeName in GPG ... or
maybe ive misunderstood the problem?


>
> What do you think.
>
> Best regards,
>
> [0] http://www-public.it-sudparis.eu/~berger_o/info/pubkey/pubkey.txt
> --
> Olivier BERGER
> http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id:
> 2048R/5819D7E8
> Ingenieur Recherche - Dept INF
> Institut Mines-Telecom, Telecom SudParis, Evry (France)
>
>
>

Received on Tuesday, 27 August 2013 17:59:11 UTC