- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Sun, 04 Aug 2013 18:16:46 -0400
- To: public-webid@w3.org
- Message-ID: <51FED2CE.1050604@openlinksw.com>
On 8/4/13 5:36 PM, Peter Williams wrote: > But, fortunately, I think webid folks figured that out - about a year > ago - that TLS/https for client/server is not the right webby model - > anymore. And, the market told us that the TLS handshakes and > session-resumption recast in layer7 soap packets (per ws-security) was > no better, either. What one needed was a simple crypto-binding - to > get to inter-domain session cookies. Then you do key refresh to replce > cookies as often as you wish, since making ephemeral keys is now cheap. You can also make short-lived certs since cert. generation is now totally trivialized [1]. Breakdown of the items (each a unique identifier in its own right) that make up the composite key I referred to in my response to Melvin: 1. http://id.myopenlink.net/describe/?url=http%3A%2F%2Fid.myopenlink.net%2Fabout%2Fid%2Fentity%2Fhttp%2Ftwitter.com%2Fkidehen%23certF0549410169C0513116A03078AF5C59A992BBE57 -- Certificate 2. http://id.myopenlink.net/describe/?url=http%3A%2F%2Fid.myopenlink.net%2Fcertgen%2Fkey%2F8954 -- Public Key (which is paired with a Private Key) 3. http://id.myopenlink.net/about/id/entity/http/twitter.com/kidehen -- WebID . Link: [1] http://youid.openlinksw.com -- Certificate Generation Trivialized (the Android version is nearing completion too!) . -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Sunday, 4 August 2013 22:17:08 UTC