- From: Michiel de Jong <michiel@unhosted.org>
- Date: Thu, 19 Jul 2012 13:54:13 +0200
- To: public-fedsocweb@w3.org
Hi Melvin, On Thu, Jul 19, 2012 at 1:05 PM, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > +1 sameAs is going to have to become a fact of life, especially for anyone > that chooses to use webfinger ... you should read it as : entity A is the > same as entity B I think you may want to rethink that one. You shouldn't just believe anything you read. I mean, people obviously sometimes say things that aren't true. You would get into situations like this one: http://www.imdb.com/title/tt0079470/quotes?qt=qt0471978 Therefore, a sameAs claim, or any claim for that matter, should only be trusted in the /outgoing/ direction, never in the reverse direction, unless cryptographically signed by the other party. It seems quite fundamental to me. In fact, if your bank would follow your advise, then i could easily go there, tell them "#me sameAs Melvin Carvalho", and they would hand me all your money, telling you "ah, but we just learned from Michiel that entity Michiel is the same as entity Melvin." :) Cheers, Michiel
Received on Thursday, 19 July 2012 11:54:45 UTC