On 10/5/12 12:37 PM, Henry Story wrote: > C. It would not be problematic to enhance WebID so that a > certificate be verified by checking the signature of the issuer That's already achievable via an ACL. I don't need a specific protocol to determine the nature of my ACL or data access policies. Right now, I have the option to use conventional certificate signature verification in conjunction with the webid <-> public key relationship. The same applies to other factors such as a certificates fingerprint. At times, we get a little confused about WebID (a specific protocol), graphs, logic, and the data access rules/policies. When all is said an done, WebID is just about exploiting the ingenuity of URIs due to the fact that you can place said URIs in X.509 certificates. URIs add the power of indirection to the mix, and via Linked Data principles a URI resolves to an entity relationship graphs endowed with explicit or implicit entity relationship semantics. Someday, I hope to understand why the virtues of this reality (accentuated by the ubiquitous World Wide Web) is all so complex, can't we all just get along? I believe we are all seeking a solution to the Web-scale verifiable identity problem, one that is ultimately grounded in logic and semantics rather than any particular data representation format :-) -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Received on Friday, 5 October 2012 16:56:23 UTC