[foaf-protocols] Terminology

Henry Story henry.story at bblfish.net
Fri Nov 18 10:14:57 CET 2011


Section 2.1 Terminology http://webid.info/spec#terminology

As we discussed during this week's teleconference, the terminology in the spec seems a bit heavy. We have 

[[
- Verification Agent
  
  Performs authentication on provided WebID credentials and determines if an Identification Agent can have access to a particular resource. A Verification Agent is typically a Web server, but may also be a peer on a peer-to-peer network.

- Identification Agent
 
  Provides identification credentials to a Verification Agent. The Identification Agent is typically also a User Agent.

- Identification Certificate

   An X.509 [X509V3] Certificate that must contain a Subject Alternative Name extension with at least one URI entry identifying the Identification Agent. This URI should be dereference-able and result in a document containing RDF data. For example, a certificate identifying the WebID URI http://example.org/webid#public would contain the following:

X509v3 extensions:
   ...
   X509v3 Subject Alternative Name:
      URI:http://example.org/webid#public

]]

  When these are used in the sequence diagram it makes for very heavy language. In a TLS authentication process, both sides are "Identification Agents" in any case (which may be ok for future uses, but it makes the explanation a bit difficult) Also it would be better english to say "Identifying Agents". And somehow the notion of an "Identification Certificate" seems like a pleonasm.

 TLS uses the words Client and Server, "Client Certificate" and "Server Certificate" . We could use those too.


  Henry


Social Web Architect
http://bblfish.net/



More information about the foaf-protocols mailing list