RE: Position Paper for W3C Workshop on Identity

Ideally, we would demonstrate the use of *linking* the security services and
any attached commentary (in RDFa), rather than embedding the security
triples in the XHTML.

In the older cert/PKCS7 world AND the W3C xmldsig world with whom we compete
for attention, their signed blobs can add information *about* third party
documents. It's the so-called "detached" signature - that typically signs
typed information - also included in the detached blob. This all references
the document **about which** the third-party signing/trust/integrity service
is making claims, as described. The extended-reference typically includes an
integrity check of some sort (typically, just a hash of some content
transfer encoding of the "document"). 

For now, some use of the semweb wot signatures should do, being a detached
signature in essence. Then, we have shown how we expect the wot type
services *for documents* and webid (for *sites*) to cooperate. That wot
vocab today requires a pgp signing process is largely irrelevant...being
little more than a way of using a tool to invoke the RSA math. What matters
is the foaf card and the wot vocab, not the pgp'ness.

-----Original Message-----
From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
On Behalf Of Dominik Tomaszuk
Sent: Tuesday, April 26, 2011 3:10 AM
To: Henry Story
Cc: Alexandre Passant; WebID XG; Jeff Sayre; Kingsley Idehen; Peter Williams
Subject: Re: Position Paper for W3C Workshop on Identity

On 26.04.2011 10:36, Henry Story wrote:
> Ok, the paper is ready for xhtml export. Any further changes can then be
edited in the xhtml.
OK. In a few hours XHTML+RDFa version will be ready.

Regards,
Dominik

Received on Tuesday, 26 April 2011 14:04:06 UTC