[foaf-protocols] Why SAN?
Kingsley Idehen
kidehen at openlinksw.com
Fri Sep 17 21:19:25 CEST 2010
On 9/17/10 1:21 PM, Nathan wrote:
> Kingsley Idehen wrote:
>> I tend to believe in hold a balance between User Interaction and
>> underlying transport metadata re. HTTP. I think the user interaction
>> with IdP will get confusing if they can locate their identifier in
>> the security token (X.509 cert) generated by the IdP.
>
> unsure if you meant "get confusing if they *can't* locate their
> identifier.." above..?
>
Yes. Darn typos! My keyboard is so darn slow; can't sync, brain, eyes,
fingers, and keyboard anymore :-(
Corrected version:
I tend to believe in *holding* a balance between User Interaction and
underlying transport metadata re. HTTP. I think the user interaction
with IdP will get confusing if users *can't locate their identifiers*
in the security token (X.509 cert) generated by the IdP.
> FWIW, i totally agree that it's for the best to have the webid in with
> the certificate, makes sense and keeps it transfer protocol
> independent; however from an unseen "in the future standpoint" (maybe
> not so distant given your webfinger/fingerpoint remarks), there may
> well be protocols we can map to that support public/private key but do
> not support certificates, to know in advance that we can still map (an
> abstract) WebID protocol on to these by passing the WebID out with a
> certificate (or even by key lookup) would imho be beneficial,
> certainly looks that way and just wondered if anybody knew of any
> blockers to doing this.
Yes, as long as user agent and data space platform can see the data with
high fidelity, I have no problems :-)
Kingsley
>
> For now I don't have any protocols or implementations in mind and
> fully back the in the cert way of doing things :)
>
> Best,
>
> Nathan
>
--
Regards,
Kingsley Idehen
President & CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen