W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: self-signed

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Tue, 19 Apr 2011 16:49:04 -0400
Message-ID: <4DADF540.6040605@openlinksw.com>
To: public-xg-webid@w3.org
On 4/19/11 4:14 PM, Mo McRoberts wrote:
> You yourself gave a key example of this right at the beginning of the 
> thread: you had certificates with unsupported schemes, and they didn't 
> work. You were confused as a result, and thought there was a bug. 
> You're a smart, experienced, technically-savvy user --- how's my 
> grandmother going to cope with that situation?
Which is why implementers should deliver clear messages when they hit 
faults related to a URI that serve as WebID in a Cert.. That's basically 
the essence of the matter. This issue is a few steps away from grandma 
as she shouldn't really care about such details.  Not caring doesn't 
mean HTTP scheme specificity couldn't adversely affect her ability to 
control her own vulnerability (privacy) in cyberspace, at the very least.

It isn't so simple when the protocols in use are ambiguous about their 
essence. To me, URI agnosticism is crucial re. WebID viability. Any task 
that negates this is broken. Again, that doesn't mean every 
implementation has to support multiple schemes, it simply means that on 
implementation should make a scheme specific fatal fault assertion about 
a Cert. based on the scheme of the WebID that it bears. Indicating an 
inability to understand the scheme of the WebID is much better than 
inferring that the WebID is invalid.

-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen
Received on Tuesday, 19 April 2011 20:49:27 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:24 UTC