Re: what is on Trust and Proof levels?

Henry Story wrote:
> The proof of ownership of the private key is not in the foaf profile.

Ultra-clarifying, the above is true of FOAF+SSL, I'm saying let's put 
the proof of ownership of the private key in the foaf profile, via a 
signature, and see where it leads us - this enables us to begin asking 
many questions related to trust and consider what factors are in WOT, 
Certificate chains that are not in LOD, and whether the addition of keys 
and signatures addresses some of the missing factors.

For instance, if I make a statement that :me foaf:knows :you, and you 
say that :you foaf:knows :me, then what do we gain if I sign your webid 
(uri) and you place it in your foaf, and you sign my webid and I place 
it in my foaf?

As another example, if I sign my own webid, and place that signature in 
my foaf, then author a document somewhere in RDF, and in the RDF 
document say that it's foaf:maker is <my-webid>, then I sign the URI of 
that document and place the signature in my foaf, what have we 
established, is there something else on which to base some form of 
trust? would that metric be stronger if the signature were in the 
aforementioned RDF document which I authored? Also, is there a benefit 
to me signing that URI (not it's contents, just the URI) that isn't 
already there by me signing my own URI then linking outwards?

I feel these are important questions to be considering, although I 
certainly don't have the answers, and adding in that extra statement to 
make considering these questions may well be worth doing.

Best,

Nathan

Received on Monday, 1 November 2010 14:44:32 UTC