- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Fri, 31 Jul 2015 12:23:54 -0400
- To: public-webid@w3.org
- Message-ID: <55BBA11A.2070506@openlinksw.com>
On 7/31/15 6:42 AM, Andreas Kuckartz wrote: > Kingsley Idehen wrote: >> Keygen doesn't define existence of WebID-TLS. It just offered a >> perceived convenience. > Can WebID-TLS be based on the Web Cryptography API instead? > > What would be the advantages and disadvantages? > > Cheers, > Andreas > > The Web Crypto API is simply a mechanism for creating Crypto Data (e.g., Public and Private Keys). A WebID is an HTTP URI (that identifies an Agent) that you place in the SAN of an X.509 Certificate. The certificate can be generated is a variety of ways. WebID-TLS is about looking up the WebID in SAN as augmentation to the TLS handshake i.e., its simply an additional step that leverages the power of an HTTP URI for de-reference (lookup). In this case you end up with data from a WebID-Profile document. -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog 1: http://kidehen.blogspot.com Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen Twitter Profile: https://twitter.com/kidehen Google+ Profile: https://plus.google.com/+KingsleyIdehen/about LinkedIn Profile: http://www.linkedin.com/in/kidehen Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Friday, 31 July 2015 16:24:18 UTC