- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Mon, 09 Jan 2012 12:23:08 -0500
- To: WebID XG <public-xg-webid@w3.org>
- Message-ID: <4F0B227C.4030302@openlinksw.com>

All,

Here is the address of a document that contains the spec for the item above: http://tools.ietf.org/html/draft-ietf-pkix-sca-00 . The semantics are crystal clear. As already stated, utilizing this extension adds benefits to WebID esp. re. consumer profile for publishers. We are going to implement this functionality in both our generators and verifiers, irrespective.

Once in place, I'll let Peter demonstrate the power of SPARQL Protocol URL (with a construct query) as vehicle for more dynamic idp spaces that hold claims that mirror those held in a local x.509 cert. In addition, he or I will pretty much do the same for Microformats.

Of course, none of this matches the WebID spec, so it may lead to a fork since I've always said the NetID moniker sits in waiting re. a really Open and Flexible approach to the problem at hand i.e., InterWeb scale verifiable identity via portable subject description graphs or info cards that are loosely bound to idp spaces. The fidelity of Linked Data is but an option for achieving the aforementioned goal.

An individual should never lose control of their info card just because they lose control over an HTTP scheme URI based Name. Likewise, control over an HTTP URI Name is not the critical proof of identity. Said proof lies in the signed claims in the certificate combined with mirrored claims in the subjects. If you doubt the proof, then just move the argument to the practical realm of resource ACLs at InterWeb scale. A broken system will give individuals access to resources that violate the policies expressed in a given ACL that depends on the WebID verification protocol. No need for broken hypothetical examples about banks since we can test in a real setting via resource ACLs. As demonstrated already by Facebook, you can publish resources on the Web that carry self reflection and in the process contribute to the broader mesh of Linked Data.

100% Linked Data fidelity can easily be picked up by proxy services, as we've demonstrated for many years since the original Linked Data meme and emergence of the burgeoning Linked Open Data cloud.

Either way, I am convinced about the value associated with reducing the Linked Data luxury element of WebID. And that's from someone who has been drinking and mixing the Linked Data Kool Aid, on a daily basis, for many years, across many technology frontiers.

--

Regards,

Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Monday, 9 January 2012 17:23:35 UTC