- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Thu, 19 Jul 2012 14:06:04 +0200
- To: Michiel de Jong <michiel@unhosted.org>
- Cc: public-fedsocweb@w3.org
- Message-ID: <CAKaEYh+OdHsNjZkaBr38kDb+jG9d6kttWgpF5iRFQ=o8KpfuKQ@mail.gmail.com>
On 19 July 2012 13:54, Michiel de Jong <michiel@unhosted.org> wrote: > Hi Melvin, > > On Thu, Jul 19, 2012 at 1:05 PM, Melvin Carvalho > <melvincarvalho@gmail.com> wrote: > > +1 sameAs is going to have to become a fact of life, especially for > anyone > > that chooses to use webfinger ... you should read it as : entity A is > the > > same as entity B > > I think you may want to rethink that one. You shouldn't just believe > anything you read. I mean, people obviously sometimes say things that > aren't true. You would get into situations like this one: > > http://www.imdb.com/title/tt0079470/quotes?qt=qt0471978 > > Therefore, a sameAs claim, or any claim for that matter, should only > be trusted in the /outgoing/ direction, never in the reverse > direction, unless cryptographically signed by the other party. > > It seems quite fundamental to me. In fact, if your bank would follow > your advise, then i could easily go there, tell them "#me sameAs > Melvin Carvalho", and they would hand me all your money, telling you > "ah, but we just learned from Michiel that entity Michiel is the same > as entity Melvin." :) > Yes, this is called provenance. Does not change the semantics of the initial statement. > > Cheers, > Michiel > >
Received on Thursday, 19 July 2012 12:07:04 UTC