Re: WebID-ISSUE-20: Portable and Hosted Certificates [WebID Spec] from Nathan on 2011-02-01 (public-xg-webid@w3.org from February 2011)

From: Nathan <nathan@webr3.org>
Date: Tue, 01 Feb 2011 11:32:11 +0000
To: WebID Incubator Group WG <public-xg-webid@w3.org>
Message-ID: <4D47EF3B.6030200@webr3.org>

WebID Incubator Group Issue Tracker wrote:
> WebID-ISSUE-20: Portable and Hosted Certificates [WebID Spec]
> 
> http://www.w3.org/2005/Incubator/webid/track/issues/20
> 
> Raised by: Nathan Rixham
> On product: WebID Spec
> 
> 
> The WebID protocol currently requires the use of X.509v3 certificates, those certificates need to be stored on the client side and sent as part of the TLS authentication process.
> 
> However, provision is made in the Transport Layer Security (TLS) Extensions RFC [1] for certificates to be passed by URL, rather than value, by using the "Client Certificate URLs" feature [2].
> 
> It should be noted that this feature is already standardized and covers most of the WebID protocol in a well defined manner, indeed it has almost all the key elements of "WebID".
> 
> [1] http://tools.ietf.org/html/rfc4366
> [2] http://tools.ietf.org/html/rfc4366#section-3.3

slightly related to ISSUE-6 :
   http://www.w3.org/2005/Incubator/webid/track/issues/6

Received on Tuesday, 1 February 2011 11:34:04 UTC