W3C home > Mailing lists > Public > public-webid@w3.org > October 2012

Re: WEbID Todos

From: Henry Story <henry.story@bblfish.net>
Date: Fri, 5 Oct 2012 21:42:02 +0200
Message-Id: <B8D6C791-58EE-428F-AB55-FF609BD39438@bblfish.net>
To: "public-webid@w3.org" <public-webid@w3.org>, Ben Laurie <benl@google.com>

On 27 Sep 2012, at 13:11, Henry Story <henry.story@bblfish.net> wrote:

> While it is still fresh in my head let me write down a few things that came out of the conversation with Ben that we can improve in our spec:
> 
> 1. Improve the spec to show how a WebID can be associated with a number of public keys.
> 2. Add a wiki page detailing the Making the public key:
>   - we should have a wiki page that goes into detail in the process of key creation as shown in the video shown on 
>      http://webid.info/
>    so we can point people to it. This is not obvious
> 3. Having a password for your profile page is no sin.
>   We should perhaps emphasize that somewhere: the profile page you have may be the one place
> you can still use a password. I know that foaf.me and my-profile had wanted to only use certificates, and that doing this though conceptually cool, makes starting things up more difficult. Other toosl can be used such as one time passwords, or OATH ( OATH not OAUTH! ), but the benefits of WebID comes from logging into OTHER sites that support it, removing the NASCAR problems.
> 4. Explain TLS renegotiation more: this is what allows one to create TLS sites that don't ask you for a certificate before you even reach the page.
> 5. Link clearly to the improvements in browsers that can be done.
> 
> All of these should be easily available from the home page of the community group and from webid.info
> 
> Those some points I can remember, that we could improve.

We also need to do the security considernations section and though this 
is not a final standard it is probably going to be useful to use the vocabulary 
from here

http://tools.ietf.org/html/draft-iab-privacy-considerations-03
https://tools.ietf.org/html/draft-hansen-privacy-terminology-03

A good place to start would be to look at Harry Halpin's condensed FUD.

http://lists.w3.org/Archives/Public/public-identity/2012Oct/0036.html

Henry



> 
> Henry
> 
> Social Web Architect
> http://bblfish.net/
> 

Social Web Architect
http://bblfish.net/



Received on Friday, 5 October 2012 19:42:34 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:37 UTC