- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Wed, 29 May 2013 12:00:55 +0200
- To: Henry Story <henry.story@bblfish.net>
- Cc: Olivier Berger <olivier.berger@telecom-sudparis.eu>, public-webid <public-webid@w3.org>
- Message-ID: <CAKaEYhLJOvJ0mb6ZHj83-tRiSCD8yRsW=77EEW0-miuThZ9uTg@mail.gmail.com>
On 29 May 2013 10:29, Henry Story <henry.story@bblfish.net> wrote: > > On 29 May 2013, at 10:08, Melvin Carvalho <melvincarvalho@gmail.com> > wrote: > > > > > On 29 May 2013 09:29, Henry Story <henry.story@bblfish.net> wrote: > >> >> On 29 May 2013, at 01:14, Melvin Carvalho <melvincarvalho@gmail.com> >> wrote: >> >> >> >> >> On 28 May 2013 11:14, Olivier Berger <olivier.berger@telecom-sudparis.eu>wrote: >> >>> Hi. >>> >>> In the discussion about the potential use of WebID + TLS as a mean to >>> sign-in to Debian Web services/apps, we somehow came to the conclusion >>> [0] that it could be used provided that we establish trust in WebIDs >>> presented by users, only if they are signed with a GnuPG signature made >>> by an existing Debian contributor, leveraging the existing Debian GnuPG >>> Web of Trust [1]. >>> >>> This use of an existing GnuPG WoT, which is essentially distributed, >>> fits well with many interesting aspects of WebID (under control of the >>> user, etc.). >>> >>> Wrt Linked Data, this is not exactly optimal : GPG signatures apply for >>> documents and not triples, so the model is not as elegant as we'd want >>> it ? I guess other signature mechanisms could be more Linked Data proof, >>> and may make more sense wrt WebID and trust. >>> >>> Has this topic of trust wrt WebID been discussed already ? >>> >> >> Manu Sporny, who wrote the original WebID+TLS spec, >> >> >> Saying that he wrote the original WebID+TLS spec is pure fantasy. He >> helped host >> the group for a while. The spec has it's origins way before Manu's >> intervention. >> He never participated in the WebID Incubator group. >> As a result I have removed his name as a author from the latest spec >> drafts, >> given that he is in fact publically arguing against WebId. His name >> remains in the contributors section though. >> > > You could be right, though that may be slightly harsh. > > I seem to recall that Manu made a big contribution to putting the spec > into a professional format. > > > That may be. But that makes him a contributor, not an author or an editor. > And so I have kept him as a > contributor. > > > Manu left the working group, > > > He never joined as far as I recall, so he could not have left. > > among other reasons, because he felt that there would be greater adoption > in the short to medium term, without the hard dependency on X.509 > certificates. This was also the feedback we (Manu and I) got when speaking > to Canonical on a conf call about getting WebID into Ubuntu. > > > I was not at that call. So I am not sure what was said. Manu's aims were > very different from what the group > here was trying to do. His work may be compatible with what we are doing, > as most standards in the end should > be. > >From the normative webid site webid.info, if you click on spec you come to: http://www.w3.org/2005/Incubator/webid/spec/ Authors: Manu Sporny, Digital Bazaar, Inc. msporny@digitalbazaar.com Toby Inkster Bruno Harbulot Reto Bachmann-Gmür The first draft of which was http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100711/ Manu was the sole editor of this spec, with Henry and Toby as Authors Previous Version http://www.w3.org/2008/09/msnws/papers/foaf+ssl.html IMHO, the previous version was more a position paper than a specification. Significant edits were made in the following weeks, where stephane was also made an editor (and henry remained an author) http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100809/ So, I think it was a slightly harsh decision to single him out. > > > >> >> >> put together another spec, WebKeys, to be used for encrypting and signing >> messages. >> >> https://payswarm.com/specs/source/web-keys/ >> >> Could this solve the problem? >> >> I'm unsure what you want to sign, the webid itself, the webid profile >> page, or the triples associated with the agent ... >> >> >>> >>> I guess it could make an interesting use case anyway. >>> >>> Any comments ? >>> >>> Best regards, >>> >>> [0] http://lists.debian.org/debian-devel/2013/05/msg01098.html >>> [1] >>> http://www.debian.org/doc/manuals/developers-reference/new-maintainer.html#registering >>> -- >>> Olivier BERGER >>> http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id: >>> 2048R/5819D7E8 >>> Ingenieur Recherche - Dept INF >>> Institut Mines-Telecom, Telecom SudParis, Evry (France) >>> >>> >>> >>> >> >> Social Web Architect >> http://bblfish.net/ >> >> > > Social Web Architect > http://bblfish.net/ > >
Received on Wednesday, 29 May 2013 10:01:29 UTC