- From: Henry Story <henry.story@bblfish.net>
- Date: Wed, 29 May 2013 16:07:45 +0200
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Coralie Mercier <coralie@w3.org>, Olivier Berger <olivier.berger@telecom-sudparis.eu>, public-webid Group <public-webid@w3.org>
- Message-Id: <28DB0B8F-6E95-4608-B6C8-6057F6AFB80C@bblfish.net>
On 29 May 2013, at 16:02, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > > On 29 May 2013 12:46, Henry Story <henry.story@bblfish.net> wrote: > > On 29 May 2013, at 12:43, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > > > > > > > On 29 May 2013 12:27, Henry Story <henry.story@bblfish.net> wrote: > > > > On 29 May 2013, at 12:00, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > >> > >> > >> > >> On 29 May 2013 10:29, Henry Story <henry.story@bblfish.net> wrote: > >> > >> On 29 May 2013, at 10:08, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > >> > >>> > >>> > >>> > >>> On 29 May 2013 09:29, Henry Story <henry.story@bblfish.net> wrote: > >>> > >>> On 29 May 2013, at 01:14, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > >>> > >>>> > >>>> > >>>> > >>>> On 28 May 2013 11:14, Olivier Berger <olivier.berger@telecom-sudparis.eu> wrote: > >>>> Hi. > >>>> > >>>> In the discussion about the potential use of WebID + TLS as a mean to > >>>> sign-in to Debian Web services/apps, we somehow came to the conclusion > >>>> [0] that it could be used provided that we establish trust in WebIDs > >>>> presented by users, only if they are signed with a GnuPG signature made > >>>> by an existing Debian contributor, leveraging the existing Debian GnuPG > >>>> Web of Trust [1]. > >>>> > >>>> This use of an existing GnuPG WoT, which is essentially distributed, > >>>> fits well with many interesting aspects of WebID (under control of the > >>>> user, etc.). > >>>> > >>>> Wrt Linked Data, this is not exactly optimal : GPG signatures apply for > >>>> documents and not triples, so the model is not as elegant as we'd want > >>>> it ? I guess other signature mechanisms could be more Linked Data proof, > >>>> and may make more sense wrt WebID and trust. > >>>> > >>>> Has this topic of trust wrt WebID been discussed already ? > >>>> > >>>> Manu Sporny, who wrote the original WebID+TLS spec, > >>> > >>> Saying that he wrote the original WebID+TLS spec is pure fantasy. He helped host > >>> the group for a while. The spec has it's origins way before Manu's intervention. > >>> He never participated in the WebID Incubator group. > >>> As a result I have removed his name as a author from the latest spec drafts, > >>> given that he is in fact publically arguing against WebId. His name > >>> remains in the contributors section though. > >>> > >>> You could be right, though that may be slightly harsh. > >>> > >>> I seem to recall that Manu made a big contribution to putting the spec into a professional format. > >> > >> That may be. But that makes him a contributor, not an author or an editor. And so I have kept him as a > >> contributor. > >> > >>> > >>> Manu left the working group, > >> > >> He never joined as far as I recall, so he could not have left. > >> > >>> among other reasons, because he felt that there would be greater adoption in the short to medium term, without the hard dependency on X.509 certificates. This was also the feedback we (Manu and I) got when speaking to Canonical on a conf call about getting WebID into Ubuntu. > >> > >> I was not at that call. So I am not sure what was said. Manu's aims were very different from what the group > >> here was trying to do. His work may be compatible with what we are doing, as most standards in the end should > >> be. > >> > >> From the normative webid site webid.info, if you click on spec you come to: > >> > >> http://www.w3.org/2005/Incubator/webid/spec/ > >> > >> Authors: > >> > >> Manu Sporny, Digital Bazaar, Inc. msporny@digitalbazaar.com > >> Toby Inkster > >> Bruno Harbulot > >> Reto Bachmann-Gmür > >> > >> The first draft of which was > >> > >> http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100711/ > >> > >> Manu was the sole editor of this spec, with Henry and Toby as Authors > >> > >> Previous Version > >> > >> http://www.w3.org/2008/09/msnws/papers/foaf+ssl.html > >> > >> IMHO, the previous version was more a position paper than a specification. > >> > >> Significant edits were made in the following weeks, where stephane was also made an editor (and henry remained an author) > >> > >> http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100809/ > >> > >> So, I think it was a slightly harsh decision to single him out. > > > > The edits are in the mercurial repository. > > https://dvcs.w3.org/hg/WebID/log/6ec1b5126712/index-respec.html > > > > Different people contributed, manu integrated these contributions, > > and his contributions were mainly editorial, not authorial. > > And so he was listed as one of the editors on those specs. > > > > But since he has not contributed for the last three years, ( his last > > contribution on July 2010 ) and was not present in the Incubator > > we have put him as contributor. > > > > Unless one of us has travelled in time, I think you mean he HAS contributed in the last 3 years. :) > > Ok if you want to be picky: he has not contributed in the past 2 years and 10 months. > The Incubator Group started on 14 January 2011 > > I'm not trying to be picky. Just that your statement was inconsistent. You may even note that Manu posted on the webid mailing list as recently last month. > > In a short space of time, Manu turned a collection of blog posts, wiki pages and a position paper, into a spec. Much of which survives today in terms of structure, naming and definition. He also provided an open source implementation, and would have done much more, had there been a more welcoming environment. > > > So his last contribution was way before the start of this group. > > And so? The same is true of other authors listed. True. We need to remove them too. Henry > > > > > > > > I think this is pretty clear. > > It may be that we need to remove him as editor or author from all the > > recent historical versions of the WebID spec to be consistent. > > > > > > Henry > > > >> > >> > >>> > >>> > >>> > >>>> put together another spec, WebKeys, to be used for encrypting and signing messages. > >>>> > >>>> https://payswarm.com/specs/source/web-keys/ > >>>> > >>>> Could this solve the problem? > >>>> > >>>> I'm unsure what you want to sign, the webid itself, the webid profile page, or the triples associated with the agent ... > >>>> > >>>> > >>>> I guess it could make an interesting use case anyway. > >>>> > >>>> Any comments ? > >>>> > >>>> Best regards, > >>>> > >>>> [0] http://lists.debian.org/debian-devel/2013/05/msg01098.html > >>>> [1] http://www.debian.org/doc/manuals/developers-reference/new-maintainer.html#registering > >>>> -- > >>>> Olivier BERGER > >>>> http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8 > >>>> Ingenieur Recherche - Dept INF > >>>> Institut Mines-Telecom, Telecom SudParis, Evry (France) > >>>> > >>>> > >>>> > > Social Web Architect > http://bblfish.net/ > > Social Web Architect http://bblfish.net/
Received on Wednesday, 29 May 2013 14:08:21 UTC