- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Thu, 20 May 2021 18:37:54 +0200
- To: Henry Story <henry.story@bblfish.net>
- Cc: Kingsley Idehen <kidehen@openlinksw.com>, Read-Write-Web <public-rww@w3.org>
- Message-ID: <CAKaEYhK_oyAsoJVQvvHEn87dLYnvi4fMcCSVa=5vv9tfcp7W_g@mail.gmail.com>
On Thu, 20 May 2021 at 18:13, Henry Story <henry.story@bblfish.net> wrote:

>
>
> > On 20. May 2021, at 18:05, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >
> >
> >
> > On Thu, 20 May 2021 at 17:58, Henry Story <henry.story@bblfish.net> wrote:
> >
> > >
> > > On 20. May 2021, at 17:48, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> > >
> > >> On Thu, 20 May 2021 at 17:22, Henry Story <henry.story@bblfish.net> wrote:
> > >>
> > >> > On 20. May 2021, at 17:17, Kingsley Idehen <kidehen@openlinksw.com> wrote:
> > >> >
> > >> > Changed title to orient focus.
> > >> >
> > >> > Here's what exists currently, putting blockchains aside.
> > >> >
> > >> > • I can generate an X.509 Certificate (with an expiration date) that functions as my Web Ticket
> > >> > • I can ACL protect my RDF documents and even associated services
> > >> > Adding a blockchain to the mix solves the following:
> > >>
> > >> Btw. with Verifiable Credentials we should now be in a position to go beyond X509 - finally!
> > >> It is also quite possible to bypass the TLS layer for authentication.
> > >> Finally one can use description logic to describe access rights.
> > >>
> > >> I am trying to bring all these ideas together here:
> > >>
> > >> https://github.com/solid/authentication-panel/blob/main/proposals/HttpSignature.md
> > >>
> > >> One type of description could be ownership of a ticket, signed by the agency giving out the tickets.
> > >>
> > > Interesting
> > >
> > > acl:agent [ cert:key </2019-09-02#k1> ],
> > >
> > > Are agent bnodes of this kind actually working, right now?
> > >
> >
> > If you have good Linked Data libraries those things just work themselves out nearly
> > automatically.
> >
> > I think I built that in rww-play 5 or 6 years ago, but I can’t remember clearly.
> > But in any case, I am rewriting the server right now from scratch as part of an EU project
> > https://github.com/co-operating-systems/Reactive-SoLiD
> >
> > The implementation is guiding me in writing up these specs.
> >
> > Looks good. Two questions:
> >
> > 1. Can ECC keys be used right now -- last I checked webid was only RSA, DSA (and slow to change)
>
> WebID used the cert ontology and we only bothered with RSA because there was no good reason to
> compete with the work that was started at the IETF around that time, and there was nearly
> no way to convince them to do something in RDF. All we needed were proofs of concept.
>
> >
> > 2. can the predicate / literal be inlined and use the publicKeyPEM predicate from the security vocabulary [1]
>
> You will find the security vocabulary being used if you search for it in
>
> https://github.com/solid/authentication-panel/blob/main/proposals/HttpSignature.md
>
> There is still some cert ontology used in that document, as I know that well.
> But the process to move to the security vocabulary has started.
>

Excellent! Like this a lot. So newer implementations can use security vocab, and cert vocab possibly slowly phased out over time?

> >
> > If so, I think this could be implemented somewhat quickly and be spec compliant
> >
> > [1] https://w3c-ccg.github.io/security-vocab/#publicKeyPem
> >
> > Henry Story
> >
> > https://co-operating.systems
> > WhatsApp, Signal, Tel: +33 6 38 32 69 84
> > Twitter: @bblfish
>
> Henry Story
>
> https://co-operating.systems
> WhatsApp, Signal, Tel: +33 6 38 32 69 84
> Twitter: @bblfish
>
Received on Thursday, 20 May 2021 16:38:20 UTC