W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: self-signed

From: Nathan <nathan@webr3.org>
Date: Mon, 18 Apr 2011 17:41:45 +0100
Message-ID: <4DAC69C9.7040309@webr3.org>
To: public-xg-webid@w3.org
CC: peter williams <home_pw@msn.com>, 'Mo McRoberts' <mo.mcroberts@bbc.co.uk>, 'Henry Story' <henry.story@bblfish.net>
peter williams wrote:
> The question is conformance, and the test suite that decides conformance.
> What defines a cert as conforming is what we can address in the spec.

So does the webid need to be sent /with/ a cert, or /in/ a cert?

Could a lookup on the public key be performed by some (trusted) third 
party service to get back the webid? or even a mini profile of information?

Could a URI for a lookup service or directory be placed in the 
certificate instead of a WebID? issuerAltName?

Could the URI be sent by some other means, or by some other extension?

Could CRL be utilized/hijacked to return back cert validity info and a 
corresponding WebID? could it be made semi fault tolerant by leaning on 
crlDistributionPoints?

no need for answers, just some questions to see where our boundaries are.
Received on Monday, 18 April 2011 16:42:27 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:24 UTC