- From: Jürgen Jakobitsch SWC <j.jakobitsch@semantic-web.at>
- Date: Tue, 16 Apr 2013 19:59:35 +0200
- To: Kingsley Idehen <kidehen@openlinksw.com>
- Cc: public-rww@w3.org
:) please note, this example with hasPublicKey is very old and i just came to my mind that this was one of the first things i asked on the list, it should not be the cause for a permathread... what i was asking that time was, if it would be a good idea to seperate the key from webID profile. until now (as far as i know) it is only possible to come to the public key when dereferencing a webID profile document holding that key. this would support your suspicion that a public key is not discoverable as such. wkr j On Tue, 2013-04-16 at 13:35 -0400, Kingsley Idehen wrote: > On 4/16/13 1:03 PM, Jürgen Jakobitsch SWC wrote: > > hi, your suspicion might be correct. > > maybe because we just used => keys <= so far that are not denoted by > > an own dereferenceable uri. > > So you mean that entity denoted by a WebID would be in a :hasPublicKey > relation? If so, then at this point I would presume: > <http://www.w3.org/ns/auth/cert#key> owl:equivalentProperty :hasPublicKey. > > Then when you are offline you can add or remove that relation en route > to protecting against compromised computer which holds your cert. and > private key re. WebID+TLS protocol based identity verification. > Basically, you can delete the existing association(s) and then make new > ones based on your new WebID, Private Key, and Public Key combo. > > Kingsley > > > > wkr j > > > > see here [1], one of my first mails to the webID list :) > > > > [1] > > http://lists.w3.org/Archives/Public/public-xg-webid/2011Sep/0059.html > > > > On Tue, 2013-04-16 at 12:37 -0400, Kingsley Idehen wrote: > >> Manu, > >> > >> I just read: > >> https://hacks.mozilla.org/2013/04/web-payments-with-payswarm-identity-part-1-of-3/. > >> > >> Of the four points listed below, where does WebID+TLS fall short? > >> 1. It must be decentralized. > >> 2. It must support discoverability by using a resolvable address, > >> like a URL or email address. > >> 3. It must support, with authorization, arbitrary > >> machine-readable information being attached to the identity by > >> 3rd parties. > >> 4. It must be able to provide both public and private data to > >> external sites, based on who is accessing the resource. > >> 5. It must provide a secure digital signature and encryption > >> mechanism. > >> > >> My suspicion is point #2, but please confirm . > >> > >> > >> > >> -- > >> > >> Regards, > >> > >> Kingsley Idehen > >> Founder & CEO > >> OpenLink Software > >> Company Web: http://www.openlinksw.com > >> Personal Weblog: http://www.openlinksw.com/blog/~kidehen > >> Twitter/Identi.ca handle: @kidehen > >> Google+ Profile: https://plus.google.com/112399767740508618350/about > >> LinkedIn Profile: http://www.linkedin.com/in/kidehen > >> > >> > >> > >> > > -- | Jürgen Jakobitsch, | Software Developer | Semantic Web Company GmbH | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 | A - 1070 Wien, Austria | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 COMPANY INFORMATION | web : http://www.semantic-web.at/ | foaf : http://company.semantic-web.at/person/juergen_jakobitsch PERSONAL INFORMATION | web : http://www.turnguard.com | foaf : http://www.turnguard.com/turnguard | g+ : https://plus.google.com/111233759991616358206/posts | skype : jakobitsch-punkt | xmlns:tg = "http://www.turnguard.com/turnguard#"
Received on Tuesday, 16 April 2013 18:00:07 UTC