[foaf-dev] RDFAuth_Sketch: what are we trying to solve
Story Henry
henry.story at bblfish.net
Tue Apr 1 14:48:53 BST 2008
On 1 Apr 2008, at 15:22, Anthony Steele wrote:
> Story Henry wrote:
>
> > But instead of requiring an Identity server we use
>> PGP asymmetric key cryptography to identify the User Agent Owner.
>
> A point of order: In this context, PGP stands for "Pretty Good
> Privacy". It is a particular implementation, albeit a
> groundbreaking one. GPG (http://gnupg.org/ ) is another. I don't
> want to be tied to an implementation when I can use standards.
Yes quite right. I was thinking of any algorithm that would use public
key encryption, and that would allow a public key to be safely
published on the web.
As with HTTPS I can imagine that a good protocol would be flexible as
to which algorithm to use.
Toby Inkster had a some interesting thoughts on how this could relate
to https
http://www.w3.org/mid/62649.81.2.120.180.1206622777.squirrel@goddamn.co.uk
Henry
> I see from Wikipedia (http://en.wikipedia.org/wiki/
> Pretty_Good_Privacy )
> that the relevant standard for public-key cryptography is rfc4880 (http://tools.ietf.org/html/rfc4880
> )
>
> If this would be easier to implement for me over openId/OAuth
> depends on the availability of libraries. I haven't had time to look
> into this or the technical merits of the solution yet.
>
> Anthony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2429 bytes
Desc: not available
Url : http://lists.usefulinc.com/pipermail/foaf-dev/attachments/20080401/dfaba034/smime.bin
More information about the foaf-dev
mailing list