[foaf-protocols] Selective presentation of WebID-only certificates
henry.story at bblfish.net
Tue Sep 7 22:04:10 CEST 2010
Manu Sporny logged this issue here:
Bruno Harbulot brought this up in April 2009
It came up again a few times such as in this thread
The issues I think is
1. to check what the browser behavior really is
2. to make sure the semantics of doing this is ok (I think it is)
3. what would the name of this Cert Authority be
Currently I have used the DN of
"O=FOAF+SSL, OU=The Community of Self Signers, CN=Not a Certification Authority";
but we would need to agree on this.
I was thinking we should wait until we have a very formal process to decide on this, because we want as many people to be happy with it as possible - or else we would be in danger of not asking people with valid certificates for certificates, just because they decided to choose another DN.
So the issue is also in part to understand how bad the issue of multiple certs is. The advantage is that we could tie the DN to major spec version numbers, ....
Anyway this is a complex issue. It seems there is a solution to it, so it's just a matter of working out the details.
Social Web Architect
More information about the foaf-protocols