WebID-ISSUE-57 (salmon): Salmon and WebID

WebID-ISSUE-57 (salmon): Salmon and WebID


Raised by: Henry Story
On product: 

The Salmon protocol describes a way to sign an atom:entry element and tie the signature to a URI. This allows entries to be posted on non encrypted channels and to verify the author of the post and that it has not been altered. See:


Currently the URI is a webfinger accnt uri, but it could also be a webid - I suppose. 

( As discussed elsewhere it is also true that WebID should be able to work with accnt URIs, by following the same method used by the Salmon protocol to find its keys )

But the Salmon protocol could also use WebID uris. The salmon verifier would then just dereference the WebID and find the public keys for that agent, and find which one signed the entry. This may be a bit time consuming so it would be useful if Salmon could identify the public key with an identifier, to reduce the search. It would just require the public key to have a URI itself.

Does this mean that Salmon and webfinger can only publish one public key at at location? 

If so one could also create a class of Salmon keys to help  agents reduce their search.

Received on Monday, 9 May 2011 14:17:14 UTC