W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2011

WebID-ISSUE-2 (bblfish): Explore the role of Issuer Alternative Names in WebIDs

From: WebID Incubator Group Issue Tracker <sysbot+tracker@w3.org>
Date: Thu, 27 Jan 2011 14:51:12 +0000
To: public-xg-webid@w3.org
Message-Id: <E1PiTBo-0006C1-CV@lowblow.w3.org>

WebID-ISSUE-2 (bblfish): Explore the role of Issuer Alternative Names in WebIDs

http://www.w3.org/2005/Incubator/webid/track/issues/2

Raised by: Henry Story
On product: 

Explore the role of Issuer Alternative Names in WebIDs. Issuer Alternative Names (IAN) are part of the same extension of X.509 as Subject Alternative Names (SAN) which is what we are currently using, as per spec, to identify the user via preferrably and https WebID.  

So what can we do if we have a WebID for an IAN?

Does having a WebID for an issuer on a server certificate other than a DNS name make sense? [1] 

Each idea will once explained clearly, require a proof that it really does do what we initially hope
it could do. 

What is seems relatively clear is that the WebID protocol could be used to verify the Identity of the Issuer, assuming he has signed the certificate, in a very similar manner to the verification of the Subject.

[1] for some insights see the RFC draft pointed out to us by Nathan 
 http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-14
 summarised by Jan Wildeboer
 http://lists.w3.org/Archives/Public/public-xg-webid/2011Jan/0063.html
Received on Thursday, 27 January 2011 14:51:14 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 27 January 2011 14:51:14 GMT