[foaf-protocols] Webid Spec: Reference to the X.509 RFC 5280?

Kingsley Idehen kidehen at openlinksw.com
Mon Aug 16 14:16:53 CEST 2010


  On 8/16/10 12:16 PM, Bruno Harbulot wrote:
> Hi,
>
> The PKIX spec (RFC 5280) is based on X.509, so it does repeat some of
> the content of the X.509 spec and puts it into context (for a PKI).
> However, the permitted values for the SAN are in the X.509 Specification.
>      http://www.itu.int/rec/T-REC-X.509-200508-I/en
>      (section 8.3.2.1)
>
> Regarding Webfinger/Fingerpoint, I'm not quite sure how widespread this
> is yet.

Bruno,

Since GMAIL and AOL both support Webfinger, I think its safe to assume 
wide spread use of  resolvable "acct:" and "mailto:" scheme URIs which 
are discovered via emerging .well-known/host-meta resource mechanism and 
associated XRD resources.

Like Toby, we've already implemented support for Webfinger in ODS. We 
also use a variety of associations (via <link/> and @rel) enact 
co-reference where http, mailto, and acct scheme URIs exist for the same 
Referent. Thus using the SPARQL endpoint associated with my Personal 
Data Space you can execute:


define input:same-as "yes"
SELECT DISTINCT  * WHERE {<acct:kidehen at kingsley.idehen.net> ?p ?o}

OR

define input:same-as "yes"
DESCRIBE <acct:kidehen at kingsley.idehen.net>

AND get  identical results to what you would have executing:

define input:same-as "yes"
SELECT DISTINCT  * WHERE 
{<http://kingsley.idehen.net/dataspace/person/kidehen#this> ?p ?o}

OR

define input:same-as "yes"
DESCRIBE <http://kingsley.idehen.net/dataspace/person/kidehen#this>


Net effect here is a meshing of Semantically Lite XRD profile docs and 
Webfinger protocol with the more Semantically rich WebID protocol and 
RDF model based Profile Docs.


Links:

1. 
http://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fkingsley.idehen.net%2Fods%2Fdescribe%3Furi%3Dkidehen%40kingsley.idehen.net&useragentheader=&acceptheader= 
-- My Personal Data Space

2. 
http://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fwww.google.com%2Fs2%2Fwebfinger%2F%3Fq%3Dkidehen%2540gmail.com&useragentheader=&acceptheader=  
-- Google hosted Personal Data Space

3. http://bit.ly/aQ51dL -- SPARQL Protocol URL that resolves to a Query 
Results Page showing the co-reference example in my earlier comments.



Kingsley

> Best wishes,
>
> Bruno.
>
> On 13/08/2010 22:53, Akbar Hossain wrote:
>> Sorry -  I should have said why I was looking for it!
>>
>> I was reading thru http://tools.ietf.org/html/rfc5280#section-4.2.1.6
>>
>> Which I thought was the definition of the permitted values within the
>> Subject Alternative Name (SAN)
>>
>> I guess this is a possible reference too.
>>
>> http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
>>
>> I was thinking that a section of the spec could be structured as a
>> table with the permitted entries in SAN
>> and the possible ways to deference the agent details.
>>
>> We dont need to (or cant) specify all but it would be easy to
>> visualise how other deferencing schemes to discover the identifying
>> agents profile could be added to the spec at a later stage if for
>> example against email we listed webfinger and fingerpoint for example.
>>
>> Just a thought.
>>
>> On Fri, Aug 13, 2010 at 9:55 PM, Bruno Harbulot
>> <Bruno.Harbulot at manchester.ac.uk>   wrote:
>>>
>>> On 13/08/2010 20:53, Akbar Hossain wrote:
>>>> Hi,
>>>>
>>>> Minor suggestion. Perhaps we should add a link (reference) to the X.509 RFC.
>>>>
>>>> I think it is here. http://tools.ietf.org/html/rfc5280
>>> I'm not sure if we need to. This isn't the X.509 RFC but the PKIX RFC,
>>> which is exactly what we avoid to do. (The X.509 specification isn't an
>>> IETF RFC.)
>>>
>>> Best wishes,
>>>
>>> Bruno.
>>> _______________________________________________
>>> foaf-protocols mailing list
>>> foaf-protocols at lists.foaf-project.org
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>>>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen







More information about the foaf-protocols mailing list