W3C home > Mailing lists > Public > public-xg-webid@w3.org > December 2011

Re: World Wide Web of Trust

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 21 Dec 2011 12:01:40 +0100
Cc: Melvin Carvalho <melvincarvalho@gmail.com>, public-xg-webid XG <public-xg-webid@w3.org>, foaf-protocols@lists.foaf-project.org
Message-Id: <F0A039B3-7A8A-4475-B834-ABBFB727BA41@bblfish.net>
To: Mo McRoberts <mo.mcroberts@bbc.co.uk>

On 21 Dec 2011, at 11:49, Mo McRoberts wrote:

> On 20 Dec 2011, at 16:50, Melvin Carvalho wrote:
>> On 20 December 2011 08:26, Henry Story <henry.story@bblfish.net> wrote:
>>> Some time ago we were criticised for taking on the word "Web of Trust" which is confusing as it has been taken
>>> up by GPG people. I suggest that when this issue comes up we can now distinguish our version's full name as
>>> being a World Wide Web of Trust . Something we could use in the spec perhaps .
>> Pointer to the criticism?  I had always considered WOT to a more
>> generic idea, that could be expanded to the web.

Somewhere on the foaf-protocols list a few years ago. It was something that came up. I thought it was a 
point you made, but really I can't remember that clearly. 

> WoT is definitely generic, though PGP popularised it. Thawte also used WoT for its X.509-based 'community' notarisation initiative; Iím sure there have been others.

I agree that Wot is generic, that is why I kept using the term. But at the same time it does lead people
to make an association with a technology that has not succeeded as much as hoped. So I think we could when
needed make the point with the notion of WWWOT :-)

>> I do like the term "World Wide Web of Trust".   WWWOT?
>> I also wonder, Is a GPG key an IFP?  Is it a URN?

A key is not an IFP. An IFP is an Inverse Functional Property. So you mean: is it the object of an IFP.
An the answer is there it is probably the object of an infinite number of IFPs.

Is it a URN. Obviously it is not a URN. Could it be made one? yes, but it would be very very long URN, that
could break a lot of URI tools.

> No reason why you couldn't express a key (either by full fingerprint, or the truncated fingerprint that PGP uses as a key ID, or the whole key itself) as a URN. I don't think anybody's specced it to date, but it wouldn't be especially difficult once you've settled on what exactly would constitute the 'name'.
> (Note also that that an RSA or DSA key used to create/encapsulated within a WebID certificate can also be expressed as a PGP key...)
> M.
> -- 
> Mo McRoberts - Technical Lead - The Space,
> 0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
> Project Office: Room 7083, BBC Television Centre, London W12 7RJ
> http://www.bbc.co.uk/
> This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
> If you have received it in error, please delete it from your system.
> Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
> Please note that the BBC monitors e-mails sent or received.
> Further communication will signify your consent to this.

Social Web Architect
Received on Wednesday, 21 December 2011 11:02:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:50 UTC