W3C home > Mailing lists > Public > public-webid@w3.org > March 2012

Re: as trustworthy as the hierarchical CA system currently in place...

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Sun, 04 Mar 2012 12:37:06 -0500
Message-ID: <4F53A842.6010108@openlinksw.com>
To: public-webid@w3.org
On 3/4/12 12:04 PM, elf Pavlik wrote:
> Hello,
>
> After pointing my friend to WebID, he have shared this comment (original linked later):
>
> "After reading the WebID specification once again, I'm not so sure anymore, whether I would want to use it.
>
> As described in section 2.2, the public key is published via the WebID Profile, which is basically a FOAF profile. While section 3.4.2 does note that "An HTTPS WebID will therefore be a lot more trustworthy than an HTTP WebID by a factor of the likelihood of man in the middle attacks", however the whole system is only as trustworthy as the hierarchical CA system currently in place.
>
> How can a web-of-trust be useful, if all the trust is based on a trust system that has been shown to be untrustworthy for more than a decade?"
>
> https://heahdk.net/~nil/news/0005-webid-revisited
>
> Any references to previous discussion on this issue?
> Thanks!
> ~ elf Pavlik ~
>
>

Trouble is that he has somehow lost the entire essence of WebID. The 
trust isn't in the CA network or anything similar to that. Trust is the 
product of verifiable claims held in at least two places:

1. you local keystore
2. a network accessible and addressable resource .

Links:

1. https://plus.google.com/s/WebID%20mirrored%20claims%20idehen -- some 
post about WebID and the effects of "mirrored claims" .

The thing about WebID is that 'You' are in control.

-- 

Regards,

Kingsley Idehen	
Founder&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen








Received on Sunday, 4 March 2012 17:37:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:33 UTC