- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Tue, 16 Apr 2013 14:25:14 -0400
- To: public-rww@w3.org
- Message-ID: <516D978A.7070203@openlinksw.com>
On 4/16/13 1:59 PM, Jürgen Jakobitsch SWC wrote: > :) please note, this example with hasPublicKey is very old and i just > came to my mind that this was one of the first things i asked on the > list, it should not be the cause for a permathread... > > what i was asking that time was, if it would be a good idea to seperate > the key from webID profile. until now (as far as i know) it is only > possible to come to the public key when dereferencing a webID profile > document holding that key. this would support your suspicion that a > public key is not discoverable as such. > > wkr j Ah! So an RDF document that describes the public key itself [1]. Link: 1. http://bit.ly/P0HVdI -- Post about the benefits of having a URI for a Public Key . Kingsley > > > On Tue, 2013-04-16 at 13:35 -0400, Kingsley Idehen wrote: >> On 4/16/13 1:03 PM, Jürgen Jakobitsch SWC wrote: >>> hi, your suspicion might be correct. >>> maybe because we just used => keys <= so far that are not denoted by >>> an own dereferenceable uri. >> So you mean that entity denoted by a WebID would be in a :hasPublicKey >> relation? If so, then at this point I would presume: >> <http://www.w3.org/ns/auth/cert#key> owl:equivalentProperty :hasPublicKey. >> >> Then when you are offline you can add or remove that relation en route >> to protecting against compromised computer which holds your cert. and >> private key re. WebID+TLS protocol based identity verification. >> Basically, you can delete the existing association(s) and then make new >> ones based on your new WebID, Private Key, and Public Key combo. >> >> Kingsley >>> wkr j >>> >>> see here [1], one of my first mails to the webID list :) >>> >>> [1] >>> http://lists.w3.org/Archives/Public/public-xg-webid/2011Sep/0059.html >>> >>> On Tue, 2013-04-16 at 12:37 -0400, Kingsley Idehen wrote: >>>> Manu, >>>> >>>> I just read: >>>> https://hacks.mozilla.org/2013/04/web-payments-with-payswarm-identity-part-1-of-3/. >>>> >>>> Of the four points listed below, where does WebID+TLS fall short? >>>> 1. It must be decentralized. >>>> 2. It must support discoverability by using a resolvable address, >>>> like a URL or email address. >>>> 3. It must support, with authorization, arbitrary >>>> machine-readable information being attached to the identity by >>>> 3rd parties. >>>> 4. It must be able to provide both public and private data to >>>> external sites, based on who is accessing the resource. >>>> 5. It must provide a secure digital signature and encryption >>>> mechanism. >>>> >>>> My suspicion is point #2, but please confirm . >>>> >>>> >>>> >>>> -- >>>> >>>> Regards, >>>> >>>> Kingsley Idehen >>>> Founder & CEO >>>> OpenLink Software >>>> Company Web: http://www.openlinksw.com >>>> Personal Weblog: http://www.openlinksw.com/blog/~kidehen >>>> Twitter/Identi.ca handle: @kidehen >>>> Google+ Profile: https://plus.google.com/112399767740508618350/about >>>> LinkedIn Profile: http://www.linkedin.com/in/kidehen >>>> >>>> >>>> >>>> >> -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Tuesday, 16 April 2013 18:25:37 UTC