W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: what are claims mirrors?

From: Henry Story <henry.story@bblfish.net>
Date: Mon, 16 Jan 2012 14:47:33 +0100
Cc: public-xg-webid@w3.org
Message-Id: <2DE6FC09-03A5-45EE-BA5A-5B833F6CF5B9@bblfish.net>
To: Kingsley Idehen <kidehen@openlinksw.com>

On 16 Jan 2012, at 13:11, Kingsley Idehen wrote:

> On 1/16/12 6:20 AM, Henry Story wrote:
>> Kingsley keeps speaking of "Claims mirrors" in support of his arguments. What are they? How do they work?
>> 
>> Henry
>> 
>> Social Web Architect
>> http://bblfish.net/
>> 
>> 
>> 
> I mean the graph that is created in the IdP space.

So you mean the WebID Profile, as specified in 
http://www.w3.org/2005/Incubator/webid/spec/#publishing-the-webid-profile-document
?

In that illustration it would be <https://bob.example/profile> ?

What is the IDP in this scenario? IDP is a word that comes from OpenId. In OpenID the IDP is the service one links to from one's profile page. But in WebID we don't have an IDP in that sense. 


> It holds a mirror of claims in the x.509 certificate in a local key store.

You mean the WebID Profile is mirroring the claims in the X509 certificate?

> 
> We make certificates and persist them to a local keystore. We then make a set of claims via triples in Idp oriented data space that mirrors whats in the local key store.

So given that WebID does not require an IdP, it is even more mysterious what an "IDP oriented dataspace" is.

> 
> If you have a relation associating a subject with a public key in a certificate that resides in your local store, having the same relation in your idp oriented data space via triples implies a mirror.

In that case can we just use the word from the spec namely the WebID Profile?

> 
> I hope that clears up the matter of "mirrored claims" re. WebID.
> 
> btw -- some Idp spaces will mirror other claims too e.g. fingerprints, some can even hold a complete carbon copy of the x.509 certificate.
> 
> 
> -- 
> 
> Regards,
> 
> Kingsley Idehen	
> Founder&  CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> 
> 
> 
> 
> 
> 

Social Web Architect
http://bblfish.net/
Received on Monday, 16 January 2012 13:48:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 16 January 2012 13:48:31 GMT