[foaf-protocols] Why SAN?
kidehen at openlinksw.com
Fri Sep 17 21:19:25 CEST 2010
On 9/17/10 1:21 PM, Nathan wrote:
> Kingsley Idehen wrote:
>> I tend to believe in hold a balance between User Interaction and
>> underlying transport metadata re. HTTP. I think the user interaction
>> with IdP will get confusing if they can locate their identifier in
>> the security token (X.509 cert) generated by the IdP.
> unsure if you meant "get confusing if they *can't* locate their
> identifier.." above..?
Yes. Darn typos! My keyboard is so darn slow; can't sync, brain, eyes,
fingers, and keyboard anymore :-(
I tend to believe in *holding* a balance between User Interaction and
underlying transport metadata re. HTTP. I think the user interaction
with IdP will get confusing if users *can't locate their identifiers *
in the security token (X.509 cert) generated by the IdP.
> FWIW, i totally agree that it's for the best to have the webid in with
> the certificate, makes sense and keeps it transfer protocol
> independent; however from an unseen "in the future standpoint" (maybe
> not so distant given your webfinger/fingerpoint remarks), there may
> well be protocols we can map to that support public/private key but do
> not support certificates, to know in advance that we can still map (an
> abstract) WebID protocol on to these by passing the WebID out with a
> certificate (or even by key lookup) would imho be beneficial,
> certainly looks that way and just wondered if anybody knew of any
> blockers to doing this.
As yes along as user agent and data space platform can see the data with
high fidelity I have no problems :-)
> For now I don't have any protocols or implementations in mind and
> fully back the in the cert way of doing things :)
More information about the foaf-protocols