- From: Henry Story <henry.story@bblfish.net>
- Date: Mon, 21 Mar 2011 18:05:10 +0100
- To: peter williams <home_pw@msn.com>
- Cc: "'Yngve Nysaeter Pettersen'" <yngve@opera.com>, <public-xg-webid@w3.org>
On 21 Mar 2011, at 17:51, peter williams wrote: > I think it all comes down to this: > > If I have a foaf card in XHTML/RDFa (with my self-asserted pubkey) hosted on > an EV-site, and I (10s later) add the wrong party (pointing to the webid of > a person whose site has NO EV cert), my own site in Opera now no longer > shows the green-address bar when rendering my foaf card in XTHML+RDFa. (10s > ago, it did.) (Just reading the above, hope I did not miss something important) If your browser displays your RDFa foaf profile served by an EV hosted site, then the browser should show that page as being an EV issued page, no matter what resources that page points to. That is the way current pages work. If your foaf profile embeds remote things such as pictures served from somewhere else, then the browser will probably show that the page contains mixed content. Until a good UI and security mechanism for browsers handling merged content appears this is where we will remain. I think Social Web servers or light weight specialised clients will be the first to explore trust with merged graphs. Henry Social Web Architect http://bblfish.net/
Received on Monday, 21 March 2011 17:06:48 UTC