[foaf-protocols] Webid Spec: Reference to the X.509 RFC 5280?

Kingsley Idehen kidehen at openlinksw.com
Mon Aug 16 14:16:53 CEST 2010

  On 8/16/10 12:16 PM, Bruno Harbulot wrote:
> Hi,
> The PKIX spec (RFC 5280) is based on X.509, so it does repeat some of
> the content of the X.509 spec and puts it into context (for a PKI).
> However, the permitted values for the SAN are in the X.509 Specification.
>      http://www.itu.int/rec/T-REC-X.509-200508-I/en
>      (section
> Regarding Webfinger/Fingerpoint, I'm not quite sure how widespread this
> is yet.


Since GMAIL and AOL both support Webfinger, I think its safe to assume 
wide spread use of  resolvable "acct:" and "mailto:" scheme URIs which 
are discovered via emerging .well-known/host-meta resource mechanism and 
associated XRD resources.

Like Toby, we've already implemented support for Webfinger in ODS. We 
also use a variety of associations (via <link/> and @rel) enact 
co-reference where http, mailto, and acct scheme URIs exist for the same 
Referent. Thus using the SPARQL endpoint associated with my Personal 
Data Space you can execute:

define input:same-as "yes"
SELECT DISTINCT  * WHERE {<acct:kidehen at kingsley.idehen.net> ?p ?o}


define input:same-as "yes"
DESCRIBE <acct:kidehen at kingsley.idehen.net>

AND get  identical results to what you would have executing:

define input:same-as "yes"
{<http://kingsley.idehen.net/dataspace/person/kidehen#this> ?p ?o}


define input:same-as "yes"
DESCRIBE <http://kingsley.idehen.net/dataspace/person/kidehen#this>

Net effect here is a meshing of Semantically Lite XRD profile docs and 
Webfinger protocol with the more Semantically rich WebID protocol and 
RDF model based Profile Docs.


-- My Personal Data Space

-- Google hosted Personal Data Space

3. http://bit.ly/aQ51dL -- SPARQL Protocol URL that resolves to a Query 
Results Page showing the co-reference example in my earlier comments.


> Best wishes,
> Bruno.
> On 13/08/2010 22:53, Akbar Hossain wrote:
>> Sorry -  I should have said why I was looking for it!
>> I was reading thru http://tools.ietf.org/html/rfc5280#section-
>> Which I thought was the definition of the permitted values within the
>> Subject Alternative Name (SAN)
>> I guess this is a possible reference too.
>> http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
>> I was thinking that a section of the spec could be structured as a
>> table with the permitted entries in SAN
>> and the possible ways to deference the agent details.
>> We dont need to (or cant) specify all but it would be easy to
>> visualise how other deferencing schemes to discover the identifying
>> agents profile could be added to the spec at a later stage if for
>> example against email we listed webfinger and fingerpoint for example.
>> Just a thought.
>> On Fri, Aug 13, 2010 at 9:55 PM, Bruno Harbulot
>> <Bruno.Harbulot at manchester.ac.uk>   wrote:
>>> On 13/08/2010 20:53, Akbar Hossain wrote:
>>>> Hi,
>>>> Minor suggestion. Perhaps we should add a link (reference) to the X.509 RFC.
>>>> I think it is here. http://tools.ietf.org/html/rfc5280
>>> I'm not sure if we need to. This isn't the X.509 RFC but the PKIX RFC,
>>> which is exactly what we avoid to do. (The X.509 specification isn't an
>>> IETF RFC.)
>>> Best wishes,
>>> Bruno.
>>> _______________________________________________
>>> foaf-protocols mailing list
>>> foaf-protocols at lists.foaf-project.org
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols



Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen

More information about the foaf-protocols mailing list