- From: Anthony Steele <Anthony@PlasticAvalon.org>
- Date: Tue, 01 Apr 2008 14:22:55 +0100
- To: Story Henry <henry.story@bblfish.net>
- CC: Semantic Web <semantic-web@w3.org>, foaf-dev Friend of a <foaf-dev@lists.foaf-project.org>
Story Henry wrote: > But instead of requiring an Identity server we use > PGP asymmetric key cryptography to identify the User Agent Owner. A point of order: In this context, PGP stands for "Pretty Good Privacy". It is a particular implementation, albeit a groundbreaking one. GPG (http://gnupg.org/ ) is another. I don't want to be tied to an implementation when I can use standards. I see from Wikipedia (http://en.wikipedia.org/wiki/Pretty_Good_Privacy ) that the relevant standard for public-key cryptography is rfc4880 (http://tools.ietf.org/html/rfc4880 ) If this would be easier to implement for me over openId/OAuth depends on the availability of libraries. I haven't had time to look into this or the technical merits of the solution yet. Anthony
Received on Tuesday, 1 April 2008 15:27:09 UTC