W3C home > Mailing lists > Public > public-xg-webid@w3.org > December 2011

Re: PGP aside

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 29 Dec 2011 13:09:14 +0100
Cc: Mo McRoberts <mo.mcroberts@bbc.co.uk>, WebID XG <public-xg-webid@w3.org>
Message-Id: <6B1DAB8C-D2FB-4049-B666-BA644F1836A9@bblfish.net>
To: Melvin Carvalho <melvincarvalho@gmail.com>

On 29 Dec 2011, at 13:06, Melvin Carvalho wrote:

> On 29 December 2011 13:05, Henry Story <henry.story@bblfish.net> wrote:
>> 
>> On 29 Dec 2011, at 13:04, Melvin Carvalho wrote:
>> 
>>> On 29 December 2011 13:03, Henry Story <henry.story@bblfish.net> wrote:
>>>> 
>>>> On 29 Dec 2011, at 12:17, Melvin Carvalho wrote:
>>>> 
>>>>> On 29 December 2011 10:31, Mo McRoberts <mo.mcroberts@bbc.co.uk> wrote:
>>>>>> A brief aside, which may or may not be of interest to WebID folk.
>>>>>> 
>>>>>> I was reading through the OpenPGP spec last night, and noticed section 5.2.3.18 which describes the “Preferred Key Server” signature subpacket:
>>>>>> 
>>>>>> “5.2.3.18.  Preferred Key Server
>>>>>> 
>>>>>> 
>>>>>>   (String)
>>>>>> 
>>>>>>   This is a URI of a key server that the key holder prefers be used for
>>>>>>   updates.  Note that keys with multiple User IDs can have a preferred
>>>>>>   key server for each User ID.  Note also that since this is a URI, the
>>>>>>   key server can actually be a copy of the key retrieved by ftp, http,
>>>>>>   finger, etc.”
>>>>>> 
>>>>>> It strikes me that as the spec explicitly provides for serving up a static resource (rather than the target being the URI of an HKP or LDAP server), it could quite easily be an endpoint which performs content negotiation and returns a variety of formats, for example PGP key data *and* linked data (which might contain, for example, a WebID profile).
>>>>> 
>>>> 
>>>> yes, very cool. I have been wondering about this for a long time.
>>>> 
>>>>> Nice find.  I already do this using the wot: vocal.
>>>> 
>>>> You could do this with the cert ontology too no? What is missing?
>>> 
>>> fingerprint?
>> 
>> Can you be more specific?
> 
> http://xmlns.com/wot/0.1/#term_fingerprint

Ok, my mistake. That was not the full question.
Can you give a description of what you do, and why the fingerprint is important.

Another question with PGP: Is there something like a Subject Alternative Name in PGP? How does PGP identify the user? What other ways of identifying a user do they have?

Henry

> 
>> 
>> Henry
>> 
>>> 
>>>> 
>>>> Henry
>>>> 
>>>>> 
>>>>>> 
>>>>>> M.
>>>>>> 
>>>>>> --
>>>>>> Mo McRoberts - Technical Lead - The Space,
>>>>>> 0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
>>>>>> Project Office: Room 7083, BBC Television Centre, London W12 7RJ
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> http://www.bbc.co.uk/
>>>>>> This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
>>>>>> If you have received it in error, please delete it from your system.
>>>>>> Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
>>>>>> Please note that the BBC monitors e-mails sent or received.
>>>>>> Further communication will signify your consent to this.
>>>>>> 
>>>>>> 
>>>>> 
>>>> 
>>>> Social Web Architect
>>>> http://bblfish.net/
>>>> 
>> 
>> Social Web Architect
>> http://bblfish.net/
>> 

Social Web Architect
http://bblfish.net/
Received on Thursday, 29 December 2011 12:09:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 29 December 2011 12:09:47 GMT