using pgp keys in foaf

Bill Kearney wkearney99 at h...
Thu Dec 19 23:12:19 UTC 2002

Hi all,

I just struck on an interesting idea, one I'm sure others have doubtless
considered before. How about we encourage inclusion of one's public pgp info in
their foaf?

This could be used in several rather interesting ways.

I've long wanted to be able to have a 'reasonable small' bit of identifier text
I could use to log into various different systems. It would appear my public
key ID could be used for such a purpose. This would have the side benefit of
that same system being able to use that ID to find my public key to sign
anything that needs sending to me in an encrypted fashion. I'd still want to
make sure to accept signed stuff only from someone (or thing) that I trusted.

This opens up several interesting paths for being able to have systems sending
reasonably secure messages back and forth.

STFW reveals Aaron used a 'pubKeyAddress' element.
He's got his namespaces a little mixed up.

This is covered in the web of trust namespace but the details aren't clear.

Then there's also the XMLDSIG effort of which I'm largely unfamiliar.
Perhaps Joseph Reagle can chime in?

So my question becomes how to /properly/ express a pgp public key in my foaf
file? And what are we interested in seeing here? The ID, the fingerprint or

And if we use the hex ID then do we use the leading 0x chars?
<wot:PubKey wot:hex_id="0x79F14C94" />

How about the fingerprint? Do we include the space every 4 chars?

-Bill Kearney

More information about the foaf-dev mailing list