- From: Nathan <nathan@webr3.org>
- Date: Tue, 06 Jul 2010 12:41:31 +0100
- To: Toby Inkster <tai@g5n.co.uk>
- CC: Thomas Roessler <tlr@w3.org>, Tim Berners-Lee <timbl@w3.org>, Harry Halpin <hhalpin@w3.org>, foaf-protocols@lists.foaf-project.org, Ivan Herman <ivan@w3.org>, Ian Jacobs <ij@w3.org>, Jeffrey Jaff <jeff@w3.org>, www-archive <www-archive@w3.org>, Henry Story <henry.story@gmail.com>
Toby Inkster wrote: > On Tue, 6 Jul 2010 10:30:36 +0200 > Thomas Roessler <tlr@w3.org> wrote: > >> - What are the benefits of using one over the other in the cases >> where they overlap? > > One of the key FOAF+SSL benefits over OpenID is its RESTfulness. > > I can request a FOAF+SSL-secured resource using curl or wget. A typical > OpenID exchange requires various redirections and form-filling, so > cannot easily be achieved using command-line tools like this. > > This makes FOAF+SSL a more suitable authentication system for use-cases > where requests will be made by software agents rather than people - > e.g. securing a SPARQL endpoint or an API endpoint. Further, you can guarantee every bit of information sent and received whilst being identified is encrypted and forced to be over HTTP+TLS. Those are two huge points that make the web RESTful, stateless and safe (from a PID perspective) - not to be taken lightly. Best, Nathan
Received on Tuesday, 6 July 2010 11:42:23 UTC