- From: Henry Story <henry.story@bblfish.net>
- Date: Tue, 26 Jul 2011 04:59:49 +0200
- To: Francisco Corella <fcorella@pomcor.com>
- Cc: "nathan@webr3.org" <nathan@webr3.org>, WebID XG <public-xg-webid@w3.org>, Karen Lewison <kplewison@pomcor.com>
- Message-Id: <3300ED71-DF7D-4B3C-BE04-C233EC47086C@bblfish.net>
On 25 Jul 2011, at 21:50, Francisco Corella wrote: > We will soon revise the white paper to add WebIDs, and PKI certificates > issued by email service providers to assert that the user owns an email address. We > also accomodate the submission of multiple credentials simultaneously, > which makes sense in several use cases. very nice! Please keep us up to date on feedback from the NSTIC. We should also look at using the PKI certificates issued by e-mail service providers as BrowserId does. I think it would fall under the topic of using WebIds in Issuer Alternative Names. So an e-mail server is one possible issuer, but one could also have WebServers be issuers (CA) - as they are currently. After all if the public key used by the https server is the same as the one that signed the certificate, there is no need for the Relying Party to dereference the WebID, other than as a Certificate Revocation and RESTful attribute exchange mechanism. (It may also be psychologically helpful for many people, because it could be that people have trouble understanding certificates that are not signed by a CA.) And yes, I agree there are many technologies that can come together. Being interested in the social web, my focus has been less on anonymity, than in decentralisation of sociality, which I think is the biggest issue at present. I think that it is very difficult to achieve anonymity, as even if the tools are available users will very likely give away a global identifier if asked (credit card, e-mail, address), or something to the same effect: enough information to be identifiable - and not much is required there. But hey, if the technology to make this possible is widely deployed, it will be great to be able to use it :-) Henry Social Web Architect http://bblfish.net/
Received on Tuesday, 26 July 2011 03:00:22 UTC