- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Sat, 20 Jun 2015 11:01:16 -0400
- To: public-webpayments@w3.org
On 06/20/2015 10:37 AM, Timothy Holborn wrote: > Working on local issues, HbbTV is compatible with WebID-TLS from a > device layer (TV's). > > It's potentially important that WebID-TLS becomes interoperable for > billing purposes with other systems that may be best addressed using > Credentials. > > What is the current viewpoint on how these two standards may become > interoperable. I don't think there's much that needs to be done to make them compatible. WebID-TLS, as the name implies, operates at the TLS layer. You could put your DID (decentralized identifier) into the subjectAltName area of a certificate and it would work just like WebID-TLS works today except you'd be dereferencing the DID through some future (to be created) "WebDHT" protocol instead of HTTPS. Once dereferenced, you'd have a "DID document", in JSON-LD format, just like you'd get by dereferencing an HTTPS WebID URL today. This document would have a public key in it (where its paired private key was used in the TLS protocol) and you'd check that against what's in the certificate just like you do today with WebID-TLS. Remember, the identity work in the Credentials CG is just based off of WebID. The WebID spec currently says a WebID is an HTTP or HTTPS URI -- we're just proposing a decentralized protocol that better supports identity portability for the WebIDs in the credentials work. So, in short, the scheme is very compatible. The only difference is that we're looking to use a decentralized, portable identifier (DID) instead of an HTTPS one. Hopefully only a simple software update would be necessary to add support for "WebDHT" look ups. The rest of the protocol would remain the same. -- Dave Longley CTO Digital Bazaar, Inc.
Received on Saturday, 20 June 2015 15:01:40 UTC