W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: How To Handle WebIDs for (X)HTML based Claim Bearing Resources

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Tue, 3 Jan 2012 22:37:13 +0000
Cc: public-xg-webid@w3.org
Message-Id: <15DC1427-5324-4959-B2FA-F01C11AF2057@bbc.co.uk>
To: Kingsley Idehen <kidehen@openlinksw.com>

On 3 Jan 2012, at 22:08, Kingsley Idehen wrote:

> On 1/3/12 2:48 PM, Mo McRoberts wrote:
>>> > 
>>> When you sign the claim a verifier can apply WebID logic to it. Especially, when it already has record of your prior claim. This is what a proxy URI enables i.e., cache of prior claims (URI and Public Key relations) in an Idp space to which you have CRUD privileges.
>>> 
>>> > 
>>> > <my-URI>  owl:sameAs<http://kingsley.blogspot.com/>
>>> > 
>>> > 
>>> Will not work in this scenario. Where is the proof? The relation is<my-URI>  and a Public Key equivalent to<my-New-URI>  and a Public Key, in my idp space. It isn't just about the statement. There is a context to which these equivalence semantics are being applied.
>>> 
>>> > 
>>> > 
>>> Again, I am not mandating owl:sameAs without context of WebID. I am saying, in a nutshell, sign the owl:sameAs claim when its made in idp space. WebID lets you verify claims.
>>> 
>> Sign it with WHAT? You've said the key in the cert has no impact. A newly minted key? Well, I (the attacker) can sign using a key *I*
>>  have just generated.
>> 
>> 
>> 
>> 
> 
> I am saying the key is not the be all and end all. It the relations that matter. Your question is akin to asking: why do you need a composite key when each component of the key has unique identity and functionality in its own right. 

RIGHT, so you do in fact sign the new claim (the owl:sameAs) with the key that you used previously.

Which is what I said previously. And a multitude of times subsequently. Each time to be met with a different obfuscated answer.

This is like pulling teeth.

-- 
Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ
Received on Tuesday, 3 January 2012 22:37:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 January 2012 22:37:41 GMT