- From: Henry Story <henry.story@bblfish.net>
- Date: Fri, 18 Nov 2011 14:52:26 +0100
- To: WebID XG <public-xg-webid@w3.org>
Section 2.1 Terminology http://webid.info/spec#terminology
As we discussed during this week's teleconference, the terminology in the spec seems a bit heavy. We have
[[
- Verification Agent
Performs authentication on provided WebID credentials and determines if an Identification Agent can have access to a particular resource. A Verification Agent is typically a Web server, but may also be a peer on a peer-to-peer network.
- Identification Agent
Provides identification credentials to a Verification Agent. The Identification Agent is typically also a User Agent.
- Identification Certificate
An X.509 [X509V3] Certificate that must contain a Subject Alternative Name extension with at least one URI entry identifying the Identification Agent. This URI should be dereference-able and result in a document containing RDF data. For example, a certificate identifying the WebID URI http://example.org/webid#public would contain the following:
X509v3 extensions:
...
X509v3 Subject Alternative Name:
URI:http://example.org/webid#public
]]
When these are used in the sequence diagram it makes for very heavy language. In a TLS authentication process, both sides are "Identification Agents" in any case (which may be ok for future uses, but it makes the explanation a bit difficult) Also it would be better english to say "Identifying Agents". And somehow the notion of an "Identification Certificate" seems like a pleonasm.
TLS uses the words Client and Server, "Client Certificate" and "Server Certificate" . We could use those too.
Henry
Social Web Architect
http://bblfish.net/
Received on Friday, 18 November 2011 13:52:59 UTC