- From: Peter Williams <home_pw@msn.com>
- Date: Mon, 4 Apr 2011 12:32:41 -0700
- To: Peter Williams <home_pw@msn.com>
- CC: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
I realized that u spent the last hour ( in the Santa Clara convention center theatre) in a place I last visited in early 90s - when I heard folks on a DARPA funded project try to steer the web to adopt shttp - vs ssl. It was in the days when the web was supposed to be about collective decision making, vs backroom politics between mega-movers. It was there and then I met chino khrishnan (a product manager) who went on to found valicert. (valicert built a business that ... Validated certs issued by cas or individual. "contextual validation" built on that fact checking to add business semantics of many types. And then ... Here we are in webid, basically validating certs, wanting then the validation acts (vs issuing acts) to drive trust policies, authorization policies, name mappings, attribute lookups, claim systems.... ... On the thesis that validation-centric vs issuing-centric infrastructures for key management would scale better, for huge scale environments. Knowing what derailed valicert, it will be interesting to see how w3c culture navigates the same waters - using webid (vs ocsp) technology. On Apr 4, 2011, at 10:55 AM, Peter Williams <home_pw@msn.com> wrote: > I get the impression that the work of this incubator is, essentially, done. There is lots of related work (not related to ssl, certs, keys, assurances) in other forums. > > It comes down to this: though the client cert could just have a webid that points to a . CRT resource on the web (tested to be byte identical to the cert delivered in the ssl message), by adding on the world of triples and foaf card and semweb caching and aggregation (generally) the webid enables an application platform. One example is federated social webs (which seems to be a facebook killer, in politics). > > > If the (corporate) user is behind a connect proxy doing ssl mitm (vs ssl passthru), the protocol doesn't work - as any client authn signature generated by the https ua would fail to validate when received by the agent performing validation. > > In hosting environments such as the azure service bus (with https: vs sb: Uris) webid will struggle since the bus (in https mode) is a series of proxied ssl connections (with non ssl connection across the bus fabric itself, to allow for inspection, data retention, ... And fabric management). > > On Apr 4, 2011, at 9:21 AM, Henry Story <henry.story@bblfish.net> wrote: > >> The minutes for the meeting today are here: >> >> http://www.w3.org/2011/04/04-webid-minutes.html >> >> Henry >> >> On 1 Apr 2011, at 19:59, Henry Story wrote: >> >>> ---------------------------------------------------------- >>> AGENDA Teleconference >>> W3C WebID Interest Group telephone conference 2011-April-04 >>> ----------------------------------------------------------- >>> *15:00-16:00 UTC* >>> *11:00am-12:00pm EST (Boston Time) >>> *17:00am-18:00pm Paris Time >>> Local time: http://timeanddate.com/s/204p >>> >>> Bridge US: +1-617-761-6200 (Zakim) >>> Conference code: 93243 (spells "WEBID") >>> IRC channel : #webid on irc.w3.org:6665 W3C >>> ------------------------------------------------------------------- >>> >>> Chair: Henry Story (a.k.a bblfish ) >>> Scribe: to be decided >>> >>> 1. Admin >>> >>> Agreeing to last reports >>> >>> 2. Introduction >>> >>> Of any new members. >>> >>> 3. Deliverables >>> >>> - spec changes >>> - test cases >>> - other >> >> Social Web Architect >> http://bblfish.net/ >> >> >> > >
Received on Monday, 4 April 2011 19:33:26 UTC