On 9/27/12 5:47 AM, Henry Story wrote:
>>
>> Right - so the steps you missed are where the WebID profile gets
>> updated to include the new key, and where joe.name <http://joe.name/>
>> somehow (how?) decides that this WebID is allowed to log in...
>
> Because the new certificate I received from my server, contains the
> same WebID as the old certificate. The public key changed (and so the
> certificate too of course ) but the WebID remains the same :-)
>
> So for a same id, what remains the same across each certificate, in
> whatever device it happens to be, is the Subject Alternative Name, the
> URI that refers to me: the WebID.
>
> It is true that we don't talk about multiple certificates in the spec.
> I was thinking it should be updated to show the same WebID can have
> multiple public keys, and multiple associated certificates. This
> discussion shows that this may need to be drawn out a lot more.
+1
--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen