- From: Olivier Berger <olivier.berger@telecom-sudparis.eu>
- Date: Tue, 28 May 2013 11:14:44 +0200
- To: public-webid@w3.org
Hi. In the discussion about the potential use of WebID + TLS as a mean to sign-in to Debian Web services/apps, we somehow came to the conclusion [0] that it could be used provided that we establish trust in WebIDs presented by users, only if they are signed with a GnuPG signature made by an existing Debian contributor, leveraging the existing Debian GnuPG Web of Trust [1]. This use of an existing GnuPG WoT, which is essentially distributed, fits well with many interesting aspects of WebID (under control of the user, etc.). Wrt Linked Data, this is not exactly optimal : GPG signatures apply for documents and not triples, so the model is not as elegant as we'd want it ? I guess other signature mechanisms could be more Linked Data proof, and may make more sense wrt WebID and trust. Has this topic of trust wrt WebID been discussed already ? I guess it could make an interesting use case anyway. Any comments ? Best regards, [0] http://lists.debian.org/debian-devel/2013/05/msg01098.html [1] http://www.debian.org/doc/manuals/developers-reference/new-maintainer.html#registering -- Olivier BERGER http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8 Ingenieur Recherche - Dept INF Institut Mines-Telecom, Telecom SudParis, Evry (France)
Received on Tuesday, 28 May 2013 22:54:08 UTC