- From: Dominique Guardiola <dguardiola@quinode.fr>
- Date: Thu, 26 Jan 2012 10:41:30 +0100
- To: public-webid@w3.org
- Message-Id: <84A6F682-068E-403D-B0AF-102D762B10D9@quinode.fr>
Le 26 janv. 2012 à 08:33, Joe Presbrey a écrit : > The notion of self-signed WebID certificates (securely) expiring is invalid and quite easily misunderstood. There are no assurances for start/end dates (or any other properties, eg. WebID URI!) within the certificate itself. > > This is precisely why we resolve the WebID URI: to check if the claims in the certificate are true. We could also check the URI/LD to see if dates match, but we don't currently have schema for that, and why bother? Joe, A "WebID provider" , a repository for many webID could use that to decide to stop serving these public keys. In a relation between a person and his WebID provider (because he does not host his WebID himself), it's a way to invite the person to come and re-sign again, perhaps checking his identity. > Remove the "expired" certificate's public key from your FOAF/LinkedData if you want to deactivate it. Otherwise, > > re-self-sign: > https://gist.github.com/1653329 > > You won't need to update your FOAF/LD as your Public Key will not change. > > > On Wed, 25 Jan 2012, Mischa Tuffield wrote: >> Mischa *needs to generate a new cert I guess $todoList++. > > -- Dominique Guardiola, QUINODE • http://www.quinode.fr/ • Tel : 04.27.86.84.37 • Mob : 06.15.13.22.27
Attachments
- application/pkcs7-signature attachment: smime.p7s
Received on Thursday, 26 January 2012 09:42:27 UTC