W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: Position Paper for W3C Workshop on Identity

From: Mo McRoberts <mo@nevali.net>
Date: Sun, 24 Apr 2011 09:00:22 +0100
Cc: "Henry Story" <henry.story@bblfish.net>, "Kingsley Idehen" <kidehen@openlinksw.com>, public-xg-webid@w3.org
Message-Id: <5DE4BA13-A3AE-4131-AFBF-C283D874D79F@nevali.net>
To: jeff@sayremedia.com
On 23 Apr 2011, at 23:29, Jeff Sayre wrote:

>>> On 23 Apr 2011, at 19:08, Jeff Sayre wrote:
>>>> Thus, WebID is not just for the Web.
>> On 23 Apr 2011, at 1:21 PM, Henry Story wrote:
>>> Agree, but one should pause at the word "just" here. It makes me wonder:
>>> what else do we have that is bigger? It's a bit like saying Bill Gates
> is just
>>> rich....
> Removing 'just' from my sentence would not make any sense. The point is
> that WebID has a practical role beyond the Web (big W). The Internet is
> bigger than the Web platform. Non-webby protocols can harness the power of
> WebID.

In particular, encouraging e-mail clients not to treat S/MIME signed or encrypted e-mail using certificates from authorities they don't recognise (including, of course, self-signed certs) as “untrusted” rather than “INVALID” wouldn't be a bad thing… I appreciate, of course, that it's a can of worms.

(But, given that practically every e-mail client on the planet understands S/MIME, there's a big surface-area there for use of WebID beyond web authentication — why *shouldn't* I be able to use my WebID certificate to sign e-mail messages, after all?)

Received on Sunday, 24 April 2011 16:47:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC