- From: Nathan <nathan@webr3.org>
- Date: Mon, 18 Apr 2011 17:41:45 +0100
- To: public-xg-webid@w3.org
- CC: peter williams <home_pw@msn.com>, 'Mo McRoberts' <mo.mcroberts@bbc.co.uk>, 'Henry Story' <henry.story@bblfish.net>
peter williams wrote: > The question is conformance, and the test suite that decides conformance. > What defines a cert as conforming is what we can address in the spec. So does the webid need to be sent /with/ a cert, or /in/ a cert? Could a lookup on the public key be performed by some (trusted) third party service to get back the webid? or even a mini profile of information? Could a URI for a lookup service or directory be placed in the certificate instead of a WebID? issuerAltName? Could the URI be sent by some other means, or by some other extension? Could CRL be utilized/hijacked to return back cert validity info and a corresponding WebID? could it be made semi fault tolerant by leaning on crlDistributionPoints? no need for answers, just some questions to see where our boundaries are.
Received on Monday, 18 April 2011 16:42:27 UTC