Re: WebID and Signed Emails

On 11/5/10 7:47 AM, Mischa Tuffield wrote:
>
> On 4 Nov 2010, at 23:32, Kingsley Idehen wrote:
>
>> On 11/4/10 6:48 PM, Melvin Carvalho wrote:
>>> On 4 November 2010 23:24, Kingsley Idehen<kidehen@openlinksw.com 
>>> <mailto:kidehen@openlinksw.com>>  wrote:
>>>> On 11/4/10 5:09 PM, Mischa Tuffield wrote:
>>>>
>>>> Drawing an analogy, this email is signed, I am not signed, the 
>>>> email has a
>>>> uri identifying the person which sent, and they are quite different.
>>>>
>>>> Cheers,
>>>>
>>>> Mischa *2 [cents|pence] worth
>>>>
>>>>> Best,
>>>>>
>>>>> Nathan
>>>>>
>>>> -----BEGIN PGP SIGNATURE-----
>>>> Version: GnuPG/MacGPG2 v2.0.12 (Darwin)
>>>>
>>>> iQIcBAEBAgAGBQJM0yETAAoJEJ7QsE5R8vfvsQoQALCxpsT7wfjSHLIiYsHCuf/8
>>>> KSXHqMMUBiHNJyc8asFyfA9+CGMOM3r3b/kmF5KNPmg49RB9bon5Jlb5fiCvBr5J
>>>> TXYk+5s7iFpLENzhWhDJhCpIX8ZC/HBXDJ/Vpkjijesa3W+5dL/G+4RHYXCpUTi1
>>>> Rwc6FA57pZTb1NnKgmEdK6jCO4sZBhdkyCKaWwlvK1zig07XdP1/CVmblGWpaSuc
>>>> oXJZ9cUf0gKnwI4NDO7B/PjgvfMH7/8pWVPx56f68rk/fnXaOB0aWbxCwuIuDeL/
>>>> obzLU1i7oxjnKD4TMdH+bULJAnZvndyLWPRJBorhfJQqfnvV9xAJGTWAWxf4G5Xh
>>>> r5iHA5FsLIw1GFBuMhWHVsFXtuDhCXrXzWxOTlSPGx43/bIZtXeQbTXcbUvI5zGU
>>>> RAU6etCOFuCEo46H+i0T5yJfUz0OhwjYNBSIqIZq/FDpt9rkCKNavXIhRmazKCoI
>>>> l7Lh5zouk9UH+wuKfE4Z0yAbXDTgobmbqcZzKzBXgzx9B8haYuCEKXcbmBbWIt2h
>>>> +p2OkAEBfngZZMtz2Wi5WQWE/dgv0cPjX19y9sHcXpaop6i9kFArQeCuYb/p+6fr
>>>> G1FnjZYTOKWex9eQd88oxzlisFafyU8cgTX2VxEdiH6Ko7yD1wdhyAw8KYegEnL+
>>>> 4O+cZmx+6w0HQNwM2T5D
>>>> =Q5HZ
>>>> -----END PGP SIGNATURE-----
>>>>
>>>>
>>>> Misca,
>>>>
>>>> Nice of you to bring this up, I've changed topic heading accordingly.
>>>>
>>>> Now imagine if your signature also included your WebID. Then my 
>>>> email client
>>>> would verify your mails using the WebID protocol :-)
>>>>
>>>> Another example of the power of Linked Data!
>>> Do you even need your WebID in your signature?
>
> Nah, don't think it is needed ...

I agree, as per comment to Melvin, a bit of a sys-overload day for me. 
Lots of parallel operations etc..

>
>>
>> No, not really. Got wires a little crossed, too much multi tasking 
>> today, even by my standards :-)
>>
>> I should be able to verify the sender of the a signed email by 
>> verifying the public key in my possession which boils down to S/MIME 
>> + WebID tweak. Thus, removing CA dependency by allowing self-signed 
>> certs.
>>> What if your WebID pointed to your PGP credentials?
>>
>> That too, and will ultimately be on of the options, I suspect.
>
> I have that stated in my foaf file [1], using the WOT ontology [2], 
> stating that my WebID [3] is the identity of my PGP credentials.

Nice!

Kingsley
>
> [1] http://mmt.me.uk/foaf.rdf
> [2] http://xmlns.com/wot/0.1/
> [3] http://mmt.me.uk/foaf.rdf#mischa
>
> Best,
>
> Mischa
>
>>
>>
>> Kingsley
>>>> --
>>>>
>>>> Regards,
>>>>
>>>> Kingsley Idehen
>>>> President&  CEO
>>>> OpenLink Software
>>>> Web: http://www.openlinksw.com
>>>> Weblog: http://www.openlinksw.com/blog/~kidehen 
>>>> <http://www.openlinksw.com/blog/%7Ekidehen>
>>>> Twitter/Identi.ca: kidehen
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>> -- 
>>
>> Regards,
>>
>> Kingsley Idehen
>> President&  CEO
>> OpenLink Software
>> Web: http://www.openlinksw.com
>> Weblog: http://www.openlinksw.com/blog/~kidehen 
>> <http://www.openlinksw.com/blog/%7Ekidehen>
>> Twitter/Identi.ca: kidehen
>>
>>
>>
>>
>>
>>
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen

Received on Friday, 5 November 2010 15:19:17 UTC