working with the world, as it adapts to changes in the role of DNS

concerning ISSUE-2: Explore the role of Issuer Alternative Names in WebIDs
I see two argument FOR working with IANs that are focussed on domains, vs http. I'd never considered this before coming her (IANs were always only about cert path linking and link-path discovery, before now).
The sheer momentum around IPv6, DNSSec is such as the saint-andre proposal in IETF is probably a hint of things to come. Quite how DNS SRV records will harmonize with XRD land and its service links, I dont know. There are some bets to take here; or better: some relationship politics to explore. What do vinvolved W3C members want?
In pure XRD land better known as host-meta land, once again the observation is that DNS is getting a strong role - though a different one to the PKIX/DNS worldview in the saint-andre proposal. Into this plays webfinger resolvers, which might blunt worries that an unfettered DNS community would be getting to powerful, introducing undesirable dependencies with social impacts.
So, gut wise, it seems sensible not to buck the obvious mega-dollar investment trend - and be leveraging what we have in the IAN opportunity space to be enabling those giant experiments and freight trains to run WITH US, knowing that the webid protocol can support both (and the webid protocol actively wants "the kind of thing" they both propose about the new role for DNS ).
I dont think its focus should be on server certs (or whether webid protocol related to SSL server role). Its about the role of the issuer field in the cert, as how is embodiment of the topic of "authority" relates to the authority component of the https: URI in the SAN.
its like the cert has in the IAN/SAN it's only mini host-meta...relation, expresing the "authoritative relationship" between two parties co-managing the authority component of the http style webid claim.

Received on Thursday, 3 February 2011 19:03:58 UTC