[keyassure] WebID at W3C and keyassure

Henry Story <henry.story@bblfish.net> Wed, 09 February 2011 17:37 UTC

Hi,

The W3C has started the WebID incubator group http://tinyurl.com/webidxg which is continuing work previously known as foaf+ssl in a more formal setting. I bring this to your attention because the foaf+ssl protocol [1] is conceptually very similar to what I believe keyassure is setting out to do. (I have not seen a draft spec yet, and am going from the group description).

Where keyassure is attempting to identify a server using uniquely identifying information in the DNS, WebID is identifying an end user (human, robot or agency), via a profile document containing cryptographically uniquely identifying information placed in the web. Keyassure could probably use the dns typed subject alternative name to identify the verify X509 certificates, WebID uses the SAN (and IAN) with https IDs to identify the agent. We are both using canonical referential lookups to get the meaning of a name (Domain Name with keyassure, HTTP+TLS with WebID) which we can then use to prove referential integrity (authentication).

   So this parallel would by itself be enough to bring this to your attention. But it turns out that WebID could become all the easier to deploy and use if keyassure works, since TLS on the server will become much easier to deploy. Furthermore it makes some very interesting things possible, as discussed for example in "Turning every Web Server into a CA", 

http://lists.w3.org/Archives/Public/public-xg-webid/2011Feb/0060.html

For this use case, I think it would help there if the full public key were in the DNS. 

WebID is really about enabling a distributed secure social web. [3]

In any case I think it would be very useful to make sure we track each other's work. I am subscribed to this mailing list now, and our conversations are fully public too. Joining the mailing list is easy http://lists.w3.org/Archives/Public/public-xg-webid/ 
and we welcome contributions. It is quite easy to join the XG also, if you feel a desire to participate more actively. :-)

Henry Story


[1]   in development here
    http://www.w3.org/2005/Incubator/webid/spec/
[2] "How does Secure Authentication Work in FOAF+SSL" has an illustration that helps see the parallel. http://www.w3.org/wiki/Foaf%2Bssl/FAQ#How_does_Secure_Authentication_Work_with_FOAF.2BSSL.3F
[3] see the videos posted on my home page:

Social Web Architect
http://bblfish.net/