- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Wed, 29 May 2013 12:43:39 +0200
- To: Henry Story <henry.story@bblfish.net>
- Cc: Coralie Mercier <coralie@w3.org>, Olivier Berger <olivier.berger@telecom-sudparis.eu>, public-webid Group <public-webid@w3.org>
- Message-ID: <CAKaEYhJFduPJ1TVVkRc3R+mozXESzLHJ=Kd9TLh9Dy+pBx7E6g@mail.gmail.com>
On 29 May 2013 12:27, Henry Story <henry.story@bblfish.net> wrote: > > On 29 May 2013, at 12:00, Melvin Carvalho <melvincarvalho@gmail.com> > wrote: > > > > > On 29 May 2013 10:29, Henry Story <henry.story@bblfish.net> wrote: > >> >> On 29 May 2013, at 10:08, Melvin Carvalho <melvincarvalho@gmail.com> >> wrote: >> >> >> >> >> On 29 May 2013 09:29, Henry Story <henry.story@bblfish.net> wrote: >> >>> >>> On 29 May 2013, at 01:14, Melvin Carvalho <melvincarvalho@gmail.com> >>> wrote: >>> >>> >>> >>> >>> On 28 May 2013 11:14, Olivier Berger <olivier.berger@telecom-sudparis.eu >>> > wrote: >>> >>>> Hi. >>>> >>>> In the discussion about the potential use of WebID + TLS as a mean to >>>> sign-in to Debian Web services/apps, we somehow came to the conclusion >>>> [0] that it could be used provided that we establish trust in WebIDs >>>> presented by users, only if they are signed with a GnuPG signature made >>>> by an existing Debian contributor, leveraging the existing Debian GnuPG >>>> Web of Trust [1]. >>>> >>>> This use of an existing GnuPG WoT, which is essentially distributed, >>>> fits well with many interesting aspects of WebID (under control of the >>>> user, etc.). >>>> >>>> Wrt Linked Data, this is not exactly optimal : GPG signatures apply for >>>> documents and not triples, so the model is not as elegant as we'd want >>>> it ? I guess other signature mechanisms could be more Linked Data proof, >>>> and may make more sense wrt WebID and trust. >>>> >>>> Has this topic of trust wrt WebID been discussed already ? >>>> >>> >>> Manu Sporny, who wrote the original WebID+TLS spec, >>> >>> >>> Saying that he wrote the original WebID+TLS spec is pure fantasy. He >>> helped host >>> the group for a while. The spec has it's origins way before Manu's >>> intervention. >>> He never participated in the WebID Incubator group. >>> As a result I have removed his name as a author from the latest spec >>> drafts, >>> given that he is in fact publically arguing against WebId. His name >>> remains in the contributors section though. >>> >> >> You could be right, though that may be slightly harsh. >> >> I seem to recall that Manu made a big contribution to putting the spec >> into a professional format. >> >> >> That may be. But that makes him a contributor, not an author or an >> editor. And so I have kept him as a >> contributor. >> >> >> Manu left the working group, >> >> >> He never joined as far as I recall, so he could not have left. >> >> among other reasons, because he felt that there would be greater adoption >> in the short to medium term, without the hard dependency on X.509 >> certificates. This was also the feedback we (Manu and I) got when speaking >> to Canonical on a conf call about getting WebID into Ubuntu. >> >> >> I was not at that call. So I am not sure what was said. Manu's aims were >> very different from what the group >> here was trying to do. His work may be compatible with what we are doing, >> as most standards in the end should >> be. >> > > From the normative webid site webid.info, if you click on spec you come > to: > > http://www.w3.org/2005/Incubator/webid/spec/ > > Authors: > > Manu Sporny, Digital Bazaar, Inc. msporny@digitalbazaar.com > Toby Inkster > Bruno Harbulot > Reto Bachmann-Gmür > > The first draft of which was > > http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100711/ > > Manu was the sole editor of this spec, with Henry and Toby as Authors > > Previous Version > > http://www.w3.org/2008/09/msnws/papers/foaf+ssl.html > > IMHO, the previous version was more a position paper than a > specification. > > Significant edits were made in the following weeks, where stephane was > also made an editor (and henry remained an author) > > http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100809/ > > So, I think it was a slightly harsh decision to single him out. > > > The edits are in the mercurial repository. > https://dvcs.w3.org/hg/WebID/log/6ec1b5126712/index-respec.html > > Different people contributed, manu integrated these contributions, > and his contributions were mainly editorial, not authorial. > And so he was listed as one of the editors on those specs. > > But since he has not contributed for the last three years, ( his last > contribution on July 2010 ) and was not present in the Incubator > we have put him as contributor. > Unless one of us has travelled in time, I think you mean he HAS contributed in the last 3 years. :) > > I think this is pretty clear. > It may be that we need to remove him as editor or author from all the > recent historical versions of the WebID spec to be consistent. > > > Henry > > > >> >> >> >>> >>> >>> put together another spec, WebKeys, to be used for encrypting and >>> signing messages. >>> >>> https://payswarm.com/specs/source/web-keys/ >>> >>> Could this solve the problem? >>> >>> I'm unsure what you want to sign, the webid itself, the webid profile >>> page, or the triples associated with the agent ... >>> >>> >>>> >>>> I guess it could make an interesting use case anyway. >>>> >>>> Any comments ? >>>> >>>> Best regards, >>>> >>>> [0] http://lists.debian.org/debian-devel/2013/05/msg01098.html >>>> [1] >>>> http://www.debian.org/doc/manuals/developers-reference/new-maintainer.html#registering >>>> -- >>>> Olivier BERGER >>>> http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id: >>>> 2048R/5819D7E8 >>>> Ingenieur Recherche - Dept INF >>>> Institut Mines-Telecom, Telecom SudParis, Evry (France) >>>> >>>> >>>> >>>> >>> >>> Social Web Architect >>> http://bblfish.net/ >>> >>> >> >> Social Web Architect >> http://bblfish.net/ >> >> > > Social Web Architect > http://bblfish.net/ > >
Received on Wednesday, 29 May 2013 10:44:08 UTC