[foaf-protocols] Webid Spec: Reference to the X.509 RFC 5280?
kidehen at openlinksw.com
Mon Aug 16 15:14:50 CEST 2010
On 8/16/10 2:11 PM, Melvin Carvalho wrote:
> On 16 August 2010 14:38, Dan Brickley <danbri at danbri.org
> <mailto:danbri at danbri.org>> wrote:
> On Mon, Aug 16, 2010 at 2:16 PM, Kingsley Idehen
> <kidehen at openlinksw.com <mailto:kidehen at openlinksw.com>> wrote:
> > On 8/16/10 12:16 PM, Bruno Harbulot wrote:
> >> Hi,
> >> The PKIX spec (RFC 5280) is based on X.509, so it does repeat
> some of
> >> the content of the X.509 spec and puts it into context (for a PKI).
> >> However, the permitted values for the SAN are in the X.509
> >> http://www.itu.int/rec/T-REC-X.509-200508-I/en
> >> (section 126.96.36.199)
> >> Regarding Webfinger/Fingerpoint, I'm not quite sure how
> widespread this
> >> is yet.
> > Bruno,
> > Since GMAIL and AOL both support Webfinger, I think its safe to
> > wide spread use of resolvable "acct:" and "mailto:" scheme URIs
> > are discovered via emerging .well-known/host-meta resource
> mechanism and associated XRD resources.
> I'm not sure there is quite so much enthusiasm for acct: around
> currently, in particular Eran seems to be having second thoughts. For
> eg see discussion around
> 1. I think the webid spec should focus on dereferencing HTTP URI's
> 2. Other schemes are allowed but I suggest dereferencing is out of
> scope of the core spec.
Yes, its out of the spec. My comments were about "wide spread use" which
has nothing to do with the WebID spec.
> 3. With draft specs such as webfinger, I tend to look for guidance
> from the wider community as they evolve and the W3C TAG.
> WebID should not try to be all things to all people. This is possibly
> a mistake OpenID had in its very early days.
> Personally, I'd stick to a solid way to authenticate with an HTTP URI
> and leave architects and implementors to extend things it as needed.
Yes. that's fine.
My conversation with Dan and Bruno didn't have spec inclusion in mind.
My view is simply one of two approaches that can be meshed (by platforms
rather than specs).
> ps. somewhat related, discussion of 3 different flavours of identifier
> in OAuth2-based "OpenID Connect",
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> <mailto:foaf-protocols at lists.foaf-project.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the foaf-protocols