Re: self-signed

On 18 Apr 2011, at 16:25, Kingsley Idehen wrote:

> Note: there is a mailto: scheme URI attribute=value pair associated with 'Subject':
> 
> Subject: C=US, ST=Maryland, L=Pasadena, O=Brent Baccala,
>                OU=FreeSoft, CN=www.freesoft.org/emailAddress=baccala@freesoft.org

That is indeed an option.

> If that's all there is in a Certificate, bearing in mind this is the very cheapest Certificate to produce in the real world.

I am not sure there is a price difference between a self-signed v3 cert and a v1 certificate. If you can make one you can make the other.

> Ditto most prevalent i.e., no SAN, why shouldn't WebID be capable of doing this?

It would be able to do this. It's a question of trying to keep things simple. The advantage of SANs is that they are clearly defined for the purpose we are using them for, and you can put e-mail addresses in there too. I am not sure of the issues that come up with the above scheme, how standards-based they are, etc. It is good to have it as an option if we need it. But I don't see that the arguments for it are very strong yet.

> It just boils down to being scheme agnostic

You're not being scheme agnostic with mailto URIs, it seems to me. And it seems that sending e-mail URIs around the web is not such a good idea as far as spam is concerned. SANs and IANs are scheme agnostic on the other hand.

> and letting the IdP deal with the de-reference functionality. Remember, Linked Data is just a Webby way of handling de-reference and address-of operators that lies at the root of all forms of data access by reference.




Social Web Architect
http://bblfish.net/

Received on Monday, 18 April 2011 14:50:32 UTC
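
The two options discussed in this message, side by side, as an added example that is not part of the original e-mail: identifiers read from Subject Alternative Name entries versus a `mailto:` URI derived from the `emailAddress` attribute of the Subject. It assumes the fields are given in OpenSSL's text rendering; the function names and the SAN entries are constructed for illustration, and the Subject is the one quoted above.

```python
import re

# Attribute boundaries in the text rendering quoted above: start, ", " or "/".
# Only the attribute names that appear in that Subject are recognised (assumption).
_ATTR = re.compile(r"(?:^|,\s*|/)(C|ST|L|O|OU|CN|emailAddress)=")

def parse_subject(dn):
    """Split a Subject line into (attribute, value) pairs."""
    marks = list(_ATTR.finditer(dn))
    pairs = []
    for i, m in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(dn)
        pairs.append((m.group(1), dn[m.end():end].strip()))
    return pairs

def identity_claims(subject_dn, san_entries):
    """Return (source, uri) candidates: SAN entries first, then Subject emailAddress."""
    claims = []
    for entry in san_entries:
        kind, _, value = entry.partition(":")
        if kind == "URI":            # any scheme is carried as-is
            claims.append(("SAN", value))
        elif kind == "email":        # rfc822Name, expressed here as a mailto: URI
            claims.append(("SAN", "mailto:" + value))
    for attr, value in parse_subject(subject_dn):
        if attr == "emailAddress":
            uri = "mailto:" + value
            if ("SAN", uri) not in claims:   # do not repeat an address the SAN already carries
                claims.append(("Subject", uri))
    return claims

# Subject as quoted in the message, including its line wrap.
SUBJECT = ("C=US, ST=Maryland, L=Pasadena, O=Brent Baccala,\n"
           "               OU=FreeSoft, CN=www.freesoft.org/emailAddress=baccala@freesoft.org")
# Constructed SAN entries for a hypothetical v3 certificate.
SAN = ["URI:https://example.org/card#me", "email:baccala@freesoft.org"]

if __name__ == "__main__":
    print(identity_claims(SUBJECT, []))   # certificate with no SAN
    print(identity_claims(SUBJECT, SAN))  # certificate with SAN entries
```
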