[foaf-protocols] Standardising the foaf+ssl protocol to launch the Social Web
Reto Bachmann-Gmür
me at farewellutopia.com
Mon Jul 5 20:20:59 CEST 2010
On Mon, Jul 5, 2010 at 7:52 PM, Nathan <nathan at webr3.org> wrote:
>
> ps: yes that did include a pitch for Certified WebID rather than FOAF+SSL!
foaf+ssl is about p2p security. this decentralisation is not only
requirement by w3c design guide lines it also inherently more secure.
As Tyler Close explained several years ago with his httpsy proposal
[1] rather than just pointing to a address on a hierarchical system as
with normal links we should (also) include the public key (or its
hash) in the links.
While replacing https seems unrealistic, allowing trust into "self
signed" certificates by providing the public key in the link should be
feasible without breaking compatibility with existing infrastructure.
The certification in the ssl standard is a compatible but limiting
subset of the multi-party trust chains of foaf+ssl.
Cheers,
reto
1. http://www.waterken.com/dev/YURL/ and
http://www.waterken.com/dev/YURL/Definition/
More information about the foaf-protocols
mailing list