Re: "how do you get people to have and keep key pairs?" from Kingsley Idehen on 2011-04-18 (public-xg-webid@w3.org from April 2011)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 18 Apr 2011 10:06:54 -0400
To: public-xg-webid@w3.org
Message-ID: <4DAC457E.6050506@openlinksw.com>

On 4/18/11 9:40 AM, Nathan wrote:
> alternatively:
>
> Perhaps WebID will simply provide the tooling, familiarity and UIs to 
> manage keys better, such that WOT can build on the increased support 
> and familiarity, rather than specifically using the same key(s).
>
> a fair bit to think about.

WebID will enable or a least act as a catalyst for the above :-)

Kingsley
>
> Nathan wrote:
>> :) it does have certain considerations to factor in though, multiple 
>> usage of keys (to auth, sign, encrypt), management of certs (the more 
>> keys you have per personal uri, the higher the cost and harder the 
>> management), key validity (used from and to, revoked on, do not trust 
>> after X-compromised-date) and so forth.
>>
>> Things like that may be hard to find a good balance on, especially 
>> when once can view webid as utilizing throw away keys, just replace 
>> it w/ another one, or have 20 at a time, and it has no impact on 
>> WebID, but it would on WOT (potentially).
>>
>> Just some areas that may need discussed or considered moving forward, 
>> less it's deemed orthogonal.
>>
>> cheers,
>>
>> nathan
>>
>> Jeff Sayre wrote:
>>> I agree. WebIDs will be the key enablers of a Web of Trust (WOT). A 
>>> real,
>>> user-centric WOT should not require a central authority. It should 
>>> enable
>>> you to decide how much trust you have in the people with whom you
>>> communicate. All of that is possible via WebIDs
>>>
>>> Jeff
>>>
>>>> I was watching a rather great talk yesterday from the web foundation
>>>> board [1] ("Sir Tim and Gordon Brown: How Can the Web Accelerate 
>>>> Social
>>>> and Economic Change?" - highly recommended!) where TimBL briefly 
>>>> touched
>>>> on accountability and web of trust, and he made an interesting point,
>>>> that from a technology standpoint the web of trust is of course 
>>>> possible
>>>> in many different ways, but the biggest hold up is in the domain of
>>>> sociology, namely "how do you get people to have and keep key pairs?".
>>>>
>>>> I've thought about this many times in the past, but perhaps not 
>>>> given it
>>>> enough weight in terms of the social benefits to the web population
>>>> before.. WebID is probably the easiest and most effective way to get
>>>> people to have and keep key pairs, and it appears to me that this 
>>>> could
>>>> well be WebIDs most endearing and long lived feature.
>>>>
>>>> Probably worth some focus time..
>>>>
>>>> [1] http://vimeo.com/22106148
>>>>    * first 10 minutes are in french, the remainder in english.
>>>>
>>>> Best,
>>>>
>>>> Nathan
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>>
>
>
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen

Received on Monday, 18 April 2011 14:07:20 UTC