W3C home > Mailing lists > Public > public-xg-webid@w3.org > December 2011

Re: PGP aside

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 29 Dec 2011 13:12:56 +0100
Message-ID: <CAKaEYhKi-R67baQOwW7en_PTv89fXSDAfZQX64-wEdBet2bWsA@mail.gmail.com>
To: Henry Story <henry.story@bblfish.net>
Cc: Mo McRoberts <mo.mcroberts@bbc.co.uk>, WebID XG <public-xg-webid@w3.org>
On 29 December 2011 13:09, Henry Story <henry.story@bblfish.net> wrote:
>
> On 29 Dec 2011, at 13:06, Melvin Carvalho wrote:
>
>> On 29 December 2011 13:05, Henry Story <henry.story@bblfish.net> wrote:
>>>
>>> On 29 Dec 2011, at 13:04, Melvin Carvalho wrote:
>>>
>>>> On 29 December 2011 13:03, Henry Story <henry.story@bblfish.net> wrote:
>>>>>
>>>>> On 29 Dec 2011, at 12:17, Melvin Carvalho wrote:
>>>>>
>>>>>> On 29 December 2011 10:31, Mo McRoberts <mo.mcroberts@bbc.co.uk> wrote:
>>>>>>> A brief aside, which may or may not be of interest to WebID folk.
>>>>>>>
>>>>>>> I was reading through the OpenPGP spec last night, and noticed section 5.2.3.18 which describes the “Preferred Key Server” signature subpacket:
>>>>>>>
>>>>>>> “5.2.3.18.  Preferred Key Server
>>>>>>>
>>>>>>>
>>>>>>>   (String)
>>>>>>>
>>>>>>>   This is a URI of a key server that the key holder prefers be used for
>>>>>>>   updates.  Note that keys with multiple User IDs can have a preferred
>>>>>>>   key server for each User ID.  Note also that since this is a URI, the
>>>>>>>   key server can actually be a copy of the key retrieved by ftp, http,
>>>>>>>   finger, etc.”
>>>>>>>
>>>>>>> It strikes me that as the spec explicitly provides for serving up a static resource (rather than the target being the URI of an HKP or LDAP server), it could quite easily be an endpoint which performs content negotiation and returns a variety of formats, for example PGP key data *and* linked data (which might contain, for example, a WebID profile).
>>>>>>
>>>>>
>>>>> yes, very cool. I have been wondering about this for a long time.
>>>>>
>>>>>> Nice find.  I already do this using the wot: vocal.
>>>>>
>>>>> You could do this with the cert ontology too no? What is missing?
>>>>
>>>> fingerprint?
>>>
>>> Can you be more specific?
>>
>> http://xmlns.com/wot/0.1/#term_fingerprint
>
> Ok, my mistake. That was not the full question.
> Can you give a description of what you do, and why the fingerprint is important.

I describe my my PGP key according to the wot vocab using the terms:

fingerprint
hex_id
pubkeyAddress

If there's any better way to semantically describe my key, or i can
use the cert ontology, would love to know.

>
> Another question with PGP: Is there something like a Subject Alternative Name in PGP? How does PGP identify the user? What other ways of identifying a user do they have?
>
> Henry
>
>>
>>>
>>> Henry
>>>
>>>>
>>>>>
>>>>> Henry
>>>>>
>>>>>>
>>>>>>>
>>>>>>> M.
>>>>>>>
>>>>>>> --
>>>>>>> Mo McRoberts - Technical Lead - The Space,
>>>>>>> 0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
>>>>>>> Project Office: Room 7083, BBC Television Centre, London W12 7RJ
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> http://www.bbc.co.uk/
>>>>>>> This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
>>>>>>> If you have received it in error, please delete it from your system.
>>>>>>> Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
>>>>>>> Please note that the BBC monitors e-mails sent or received.
>>>>>>> Further communication will signify your consent to this.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> Social Web Architect
>>>>> http://bblfish.net/
>>>>>
>>>
>>> Social Web Architect
>>> http://bblfish.net/
>>>
>
> Social Web Architect
> http://bblfish.net/
>
Received on Thursday, 29 December 2011 12:13:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 29 December 2011 12:13:23 GMT