Re: World Wide Web of Trust

On 20 Dec 2011, at 16:50, Melvin Carvalho wrote:

> On 20 December 2011 08:26, Henry Story <> wrote:
>> Some time ago we were criticised for taking on the word "Web of Trust" which is confusing as it has been taken
>> up by GPG people. I suggest that when this issue comes up we can now distinguish our version's full name as
>> being a World Wide Web of Trust . Something we could use in the spec perhaps .
> Pointer to the criticism?  I had always considered WOT to a more
> generic idea, that could be expanded to the web.

WoT is definitely generic, though PGP popularised it. Thawte also used WoT for its X.509-based 'community' notarisation initiative; Iím sure there have been others.

> I do like the term "World Wide Web of Trust".   WWWOT?
> I also wonder, Is a GPG key an IFP?  Is it a URN?

No reason why you couldn't express a key (either by full fingerprint, or the truncated fingerprint that PGP uses as a key ID, or the whole key itself) as a URN. I don't think anybody's specced it to date, but it wouldn't be especially difficult once you've settled on what exactly would constitute the 'name'.

(Note also that that an RSA or DSA key used to create/encapsulated within a WebID certificate can also be expressed as a PGP key...)


Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ
This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.

Received on Wednesday, 21 December 2011 10:50:24 UTC