W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

Re: WebID-ISSUE-46: Signing the profile document [research]

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 22 Feb 2011 18:17:02 +0100
Message-ID: <AANLkTim=Ebsg8A6CLuoDUq9pjHnKjx-MAn-Pc64=wR8D@mail.gmail.com>
To: WebID Incubator Group WG <public-xg-webid@w3.org>
Cc: WebID Incubator Group Issue Tracker <sysbot+tracker@w3.org>
On 22 February 2011 14:18, WebID Incubator Group Issue Tracker
<sysbot+tracker@w3.org> wrote:
>
> WebID-ISSUE-46: Signing the profile document [research]
>
> http://www.w3.org/2005/Incubator/webid/track/issues/46
>
> Raised by: Henry Story
> On product: research
>
>
> - What use cases would it solve?

In a general sense it provides an endorsement to claims and also makes
claims portable.  Indeed, an X.509 certificate is just as signed set
of claims.

>
> - How would one sign documents?

An easy way to sign a document, or set of documents could be, but not
limited to, use the existing tool chains supplied with many SCM
systems.  Git, for example, will allow you to sign a snapshot of
documents+revisions using a PGP key, which can often be created from
the same key pair used to create the X.509 cert used in the WebID.

>
> - How complicated would it be to put in place?
>
> - Can one start without signature, and then add information to add signatures later on? Or does one have to find a way of stating that initially?
>
>
>
>
Received on Tuesday, 22 February 2011 17:17:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC