[rdfweb-dev] FOAF & Privacy

B.K. DeLong bkdelong at pobox.com
Fri May 7 17:53:50 UTC 2004


Wrapping ones head around these issues gets tiresome after a while. :)

But this is why I love new text. It's like sitting in 7th grade english 
class after reading The Time Machine and discussing with your geek friend 
about the complexities of the space-time-continuum and the load of science 
time travel could break.

So with that, hear me out...I'm not sure I've closed the circle of thought 
here.

In order to deal with privacy and trust, it looks like the master FOAF file 
of any person needs to be encrypted with their public key - provided they 
have one. There's too much information that could be incredibly useful that 
the user needs to be able to set TRUST with RELATIONSHIPS to share certain 
info. Not only with People....but with Groups and potentially online accounts.

So it's almost like we need some sort of Java application that manages 
one's FOAF and has the ability to encrypt and decrypt based on the user's 
private key - (which reminds me...in order to get joeuser using PGP, there 
has to be a better way to recover private keys. I crashed and lost mine 
once and another time I forgot the paragraph-long key) -

and then using keys of other services, groups or people, reencrypt Foaflets 
with both public keys of the service and the user based on trust 
relationships. Otherwise, what's stopping someone from browsing my full 
FOAF? Or even some of my FOAFlets I setup for other people & services?

So I think in order for FOAF to move to the next level - trust is KEY and 
an encryption scheme is going to be the method to which we reach that 
trust. Since I believe PGP/GPG is the most widely-used method of encryption 
I think we may want to focus on how to integrate this with a FOAFNet or any 
other means of community-wide FOAF adoption.

I may be restating the obvious and a lot of work has been done with the wot 
vocab but I haven't really seen any actual use of such a scheme of an 
encrypted master foaf and public key encrypted foaflets.

Thoughts?

--
B.K. DeLong
bkdelong at pobox.com
+1.617.797.2472

http://ocw.mit.edu                        Work.
http://www.brain-stream.com               Play.
http://www.the-leaky-cauldron.org        Potter.
http://www.city-of-doors.com               Sigil.
http://www.hackerfoundation.org          Future.
http://www.osvdb.org/                         Security.


PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5  A62D AF61 15FF 297D 67FE 




More information about the foaf-dev mailing list