[foaf-protocols] Standardising the foaf+ssl protocol to launch the Social Web

Seth Russell russell.seth at gmail.com
Fri Jul 16 16:12:58 CEST 2010


I think it's very important that the specification standardize some way for
a merchant to get a simple email address so that they can communicate back
to their customer. De-referencing a file in an unknown vocabulary to find a
simple email address will be a non-starter for almost all merchants who are
interested in using this protocol to identify their customers.

Seth Russell
Alpha testing: tagtalking.net
Facebook ing: facebook.com/russell.seth
Twitter ing: twitter.com/SethRussell
Blogging: fastblogit.com/seth/
Catalog selling: www.speaktomecatalog.com
Google profile: google.com/profiles/russell.seth


On Fri, Jul 16, 2010 at 6:24 AM, Nathan <nathan at webr3.org> wrote:

> Henry Story wrote:
> > On 16 Jul 2010, at 13:47, Toby Inkster wrote:
> >> Let's consider:
> >>
> >>      subjectAltName = "URI:mailto:mail at tobyinkster.co.uk"
> >>      subjectAltName = "URI:acct:me at tobyinkster.co.uk"
> >>
> >> I consider these flat-out wrong. Every URI that begins "mailto:"
> >> identifies a mailbox, not a foaf:Agent. Similarly, every URI that begins
> >> with "acct:" identifies an account, not a foaf:Agent. The URI given in
> >> the subjectAltName must be a direct identifier for the agent.
> >>
> >> On the other hand:
> >>
> >>      subjectAltName = "email:mail at tobyinkster.co.uk"
> >>
> >> is a different matter. That's fine as far as I'm concerned.
> >>
> >> For an explanation, what you should do is consider the subjectAltName to
> >> be an RDF graph. Each item in the subjectAltName represents a triple.
> >> For each triple, the subject is implicit - it's the holder of the
> >> certificate; the predicate is determined by the part of the item before
> >> the first colon; the object by the part after the first colon. So, for
> >> example, the following subjectAltName:
> >>
> >>      subjectAltName = email:mail at tobyinkster.co.uk,
> >>              email:tai at g5n.co.uk,
> >>              URI:http://tobyinkster.co.uk/#i
> >
> > what is this email: ? Is that a new protocol scheme? Or is that part
> > of the X509 spec?
>
> subjectAltName can include multiple values of the types:
>   email
>   URI
>   DNS
>   RID
>   IP
>   dirName
>   otherName
>
> see:
>
> http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
>
> I personally include my WebID and my email within my x509 certificate,
> it's that other bit of critical identifying information which lets
> people communicate with me.
>
> IMHO it's a very important bit of info to include and is worth giving
> some thought and dare I say even mentioning in the protocol.
>
> Certainly though we need people to be aware they may come across several
> values in a single subjectAltName (some libs don't cater for this).
>
> Best,
>
> Nathan
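Added example, not part of the original thread: a minimal reader for a subjectAltName in the OpenSSL config syntax discussed above. It splits each item on its first colon only, keeps every value when a type repeats, and separates email entries from URI entries that could identify the agent. The function names and the example.org values are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Type labels from the OpenSSL config syntax listed in the thread.
SAN_TYPES = ("email", "URI", "DNS", "RID", "IP", "dirName", "otherName")
# Split on a comma only when a "type:" label follows, so a comma inside a
# URI value does not break the item apart (a simplification, not a full parser).
_ITEM_SEP = re.compile(r",\s*(?=(?:%s):)" % "|".join(SAN_TYPES))

# Schemes the thread argues name a mailbox or an account, not the agent.
NON_AGENT_SCHEMES = {"mailto", "acct"}

# Constructed sample value; not taken from any real certificate.
SAMPLE_SAN = (
    "email:alice@example.org, email:a.smith@example.net, "
    "URI:http://example.org/people/alice#me, URI:mailto:alice@example.org"
)


def parse_san(san):
    """Return {type: [values]} for a 'type:value, type:value' string."""
    entries = {}
    for item in _ITEM_SEP.split(san.strip()):
        # Split on the FIRST colon only: URI values contain colons too.
        kind, sep, value = item.strip().partition(":")
        if not sep or kind not in SAN_TYPES or not value:
            raise ValueError("malformed subjectAltName item: %r" % item)
        # Accumulate instead of overwriting: a type may appear several times.
        entries.setdefault(kind, []).append(value)
    return entries


def webid_candidates(entries):
    """URI entries that are not mailbox or account identifiers."""
    return [u for u in entries.get("URI", [])
            if urlsplit(u).scheme not in NON_AGENT_SCHEMES]


def contact_emails(entries):
    """Every email entry, in certificate order."""
    return list(entries.get("email", []))


if __name__ == "__main__":
    parsed = parse_san(SAMPLE_SAN)
    print("WebID candidates:", webid_candidates(parsed))
    print("Contact emails:  ", contact_emails(parsed))
```

An email entry read this way is only as trustworthy as whoever issued the certificate; parsing it verifies nothing.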