- From: Toby A Inkster <tai@g5n.co.uk>
- Date: Mon, 13 Jul 2009 20:16:49 +0100
- To: Kaliya <kaliya@mac.com>
- Cc: public-xg-socialweb@w3.org
On 13 Jul 2009, at 18:31, Kaliya wrote: > The think I am confused about when you propose this is that your > browser becomes a "beacon" giving away your identifier to who ever > asks. Maybe I am not understanding how this [FOAF+SSL] works but > when Kingsley explained it to me at the Sem Web conference this is > what I "got" Your browser should pop up a dialogue box asking which certificate you wish to use when you visit a website. If you hit "cancel" then the web site may decide to give you anonymous access, or may decline to give you access - it's their choice. However, in some browsers -- particularly if you have exactly one certificate installed -- you will not be shown that dialogue box. This does raise some anonymity issues, but I tend to see that as a browser issue -- the problem has existed for years before FOAF+SSL arrived on the scene. If people care about this issue and complain, then browser developers will fix it and improve client side SSL certificate selection UIs. Ultimately though, the identifiers used by FOAF+SSL are just opaque URLs. The file at the other end of them can include as much or as little information about you as you wish to provide. Name? Optional. E-mail address? Optional. Shoe size? Yes, if you really want - it's up to you! And you can choose to use different identities for different sites, though of course the main motivations for most people in using federated identity systems like FOAF+SSL and OpenID are to consolidate their identity on the web, and avoid setting up different profiles for every service they with to use. -- Toby A Inkster <mailto:mail@tobyinkster.co.uk> <http://tobyinkster.co.uk>
Received on Monday, 13 July 2009 19:16:03 UTC