[saag] WebID protocol
Henry Story <henry.story@bblfish.net> Fri, 30 March 2012 03:49 UTC
Return-Path: <henry.story@bblfish.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4737F21E803D for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:49:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.832
X-Spam-Level:
X-Spam-Status: No, score=-5.832 tagged_above=-999 required=5 tests=[AWL=-2.233, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rFk2R8cwvBKM for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:49:06 -0700 (PDT)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) by ietfa.amsl.com (Postfix) with ESMTP id 4DC2021E8018 for <saag@ietf.org>; Thu, 29 Mar 2012 20:49:06 -0700 (PDT)
Received: by wibhj6 with SMTP id hj6so145825wib.13 for <saag@ietf.org>; Thu, 29 Mar 2012 20:49:05 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:subject:date:message-id:to:mime-version:x-mailer :x-gm-message-state:content-type:content-transfer-encoding; bh=6Y0jj0bfOkAXusYuuKvnXDFnfbm4X/HvjaCoxXrffHQ=; b=HFTbeHzKdN2tf44UEP1fKLSqOWvkTHJQ7Y5wQypvrUT++26LhGarjHCgx+FdgJFsFi sb+ji9viu/pk39oy98atrUjCQAhH+bGJnsvVeD+FCNiwFcAJEnG6dnLnuxJFjQ2jPzHK ZNorh7jg7PDlxqmCiqn/J3XQgjoeiJG5kJ1TKin4497JzxmdMhT7M02BddUWl1lYrJhK QS1HFzDCkO2tgIRHJL6RZmNUCiPtWqJpse7gkfK5tbvmYHwHN7hK0ySn+bxDlL4I7V56 6D+EgylgTAh/YIdnIy0DUuG9D3PlDZENAkVzrX9PyKIYc8v5SLP+aAs6VF4UJ9UG7rsY SvjQ==
Received: by 10.180.101.136 with SMTP id fg8mr2044665wib.4.1333079345473; Thu, 29 Mar 2012 20:49:05 -0700 (PDT)
Received: from [192.168.1.180] (ATuileries-153-1-47-148.w83-202.abo.wanadoo.fr. [83.202.30.148]) by mx.google.com with ESMTPS id ex2sm4461497wib.8.2012.03.29.20.49.04 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 20:49:04 -0700 (PDT)
From: Henry Story <henry.story@bblfish.net>
Date: Fri, 30 Mar 2012 05:49:03 +0200
Message-Id: <583A12BA-8B16-425C-97CD-5D226FCD8BBE@bblfish.net>
To: saag@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQnulMtuq2DQ5DVgR/nRgMDeQJoCQB9mH85f4QPPu1kONOTDLCmtmEGDQ4fSjFSlSLZs1mut
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: [saag] WebID protocol
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 03:49:07 -0000
At the IETF meeting yesterday I mentioned the WebID protocol work done at the W3C. It is essentially just a HOWTO for using TLS client authentication to enable us to build distributed secure social networks (which is what I am really interested in). Distributed Social Networks are of course privacy enhancing since it allows only those people who wish to communicate to do so. As a short example, if I can put my content on my Freedom Box [1], and you can put your information on yours, and it is easy for me to authenticate to your box even if we have never met before (because I am perhaps a friend of a friend of yours) then one can avoid the need for a social network service provider having the view into our communication too. These nodes in the social network don't have to be individuals, they can of course be businesses too. Here are a few links: - short video on http://webid.info/ - spec http://www.w3.org/2005/Incubator/webid/spec/ - community group http://www.w3.org/community/webid/ The work is continuing in the Community Group, and feedback is welcome there. WebID is working at the level of TLS and the semantic web, which is why the work was done at the W3C. But I think it should also be of interest to the people at the IETF working on security. Henry [1] http://freedomboxfoundation.org/ Social Web Architect http://bblfish.net/
- [saag] WebID protocol Henry Story