W3C home > Mailing lists > Public > www-archive@w3.org > July 2010

Re: [foaf-protocols] Standardising the foaf+ssl protocol to launch the Social Web

From: Nathan <nathan@webr3.org>
Date: Tue, 06 Jul 2010 17:57:31 +0100
Message-ID: <4C33607B.500@webr3.org>
To: Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>
CC: Thomas Roessler <tlr@w3.org>, Tim Berners-Lee <timbl@w3.org>, Harry Halpin <hhalpin@w3.org>, foaf-protocols@lists.foaf-project.org, Ivan Herman <ivan@w3.org>, Ian Jacobs <ij@w3.org>, Jeffrey Jaff <jeff@w3.org>, www-archive <www-archive@w3.org>, Henry Story <henry.story@gmail.com>
Bruno Harbulot wrote:
> Hi all,
> 
> I'll start by a list of points that could be standardized (open questions).
> 
> First, on the authentication part:
> 
> 1. Standardizing the representation format: RDF/XML, RDFa, N3?

-1

> 2. Standardizing the vocabulary.

+1

> 3. Standardizing the data we expect to store in the X.509 certificate.

+1

> 4. Standardizing the delegated login procedure.
> Should this be part of this specification or another specification?

fwiw & imho, under another spec - as that delegated login would still 
have to use 'this' spec to do the actual login

> 5. Addressing the issue of signed RDF assertions or comparison with
> other repositories of keys.
> 
>    So far, we've been using a simple dereferencing of the WebID to do the
> verification. It's OK, but it doesn't really improve the security
> compared to OpenID. There is potential to improve the security by using
> the keys of course. How far do we want to go there?

easy either way on this one, would also be interested to see if we can 
get a fingerprint in to the webid.

> Secondly, on the authorization part, it's all the work about ontologies
> for ACLs. Should this belong to the same specification? I see this as a
> separate issue (although equally interesting).

v interested in this one myself, perhaps separate, perhaps separate spec 
under same working group or suchlike..

Best,

Nathan
Received on Tuesday, 6 July 2010 16:58:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 7 November 2012 14:18:31 GMT