Re: Browser ID from Kingsley Idehen on 2011-07-15 (public-xg-webid@w3.org from July 2011)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 15 Jul 2011 09:47:51 +0100
To: Ben Adida <ben@adida.net>, WebID XG <public-xg-webid@w3.org>
Message-ID: <4E1FFEB7.4090904@openlinksw.com>

On 7/15/11 5:29 AM, Ben Adida wrote:
>
> Hi folks,
>
> We'll be posting more info on browserid in the next few days, keep an 
> eye on http://identity.mozilla.com.
>
> There are similarities to WebID for sure. There's one important 
> difference: our identifiers are email addresses,

Take 2, added Ben to cc. list.

Ben,

Remember, WebID is URI rather than HTTP URI based. It too works fine 
with mailto: scheme URIs. Our implementation of WebID protocol supports 
mailto: scheme based WebIDs courtesy of WebFinger and Fingerpoint.

I assume WebFinger is still part of the email verification protocol that 
underlies BrowserID? I ask because this is the most important point of 
integration between WebID and BrowerID.

Also, does XRDS remain a critical part of BrowserID? If so, what the 
@rel based relation for public keys or URLs for DER based 
representations of X509 certs? Again, making these clear make WebID and 
BrowserID bridging quite trivial.

> and we're using JSON-based assertions and certs (JWS and JWT) to keep 
> things very simple.

Do you mean "simply simple" or "deceptively simple" ? Anyway, if you 
keep the bridge points to WebID (as outlined above) in place you inherit 
"deceptively simple". For the record, "simply simple" doesn't scale, 
never has, and won't break the mould now. Thus, please take this 
opportunity to lay down vital integration hooks re. WebID. You don't 
have to do anything bar leveraging URIs in a generic sense + make clear 
the relations used for associating a URI with a Public Key.

> (We don't actually want a hyper-generic certificate format, as that 
> tends to introduce complexity and grow the attack surface.)

Hmm. Don't agree, but not worth an argument or debate right now :-)
>
> This is, at this point, very much an experiment, so we look forward to 
> your feedback.

Feedback delivered.

Kingsley

-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen

Received on Friday, 15 July 2011 08:48:28 UTC