On Thu, Mar 10, 2011 at 12:23:59PM +0100, Jonas Smedegaard wrote:On Thu, Mar 10, 2011 at 02:55:08AM +0100, [email protected] wrote:>>Then how does the authentification part works? Is there a web of >trust, or a way to be sure a X.509 cert belongs to a certain ID?WebID is technically called FOAF+SSL.It is a FOAF resource which includes claims of its own URL and a public key that is governing it. And it is a client certificate containing a URL referencing that FOAF.So when presenting the client certificate, it can be verified by checking that the URL it references does indeed contain that same public key as the client certificate.Instead of trying to shoot down above, please read up on it first. I am not an engineer of WebID nor an expert in the security parts of it.So why in your previous mail are you saying we can?
Sorry. I meant to say that I _believe_ we can.I live in a dream of FOAF being super relevant for FreedomBox. What I meant to say with my final remark was that if you aim sharp and clever challenging questions at me, then you are shooting at a messenger: You may kill my dreams and thereby my preaching of this technology at this mailinglist, but if your intent is to verify solidity of the actual technology (not my dreams of it) then aim at the source - at those actually knowing what they are putting together.
I encourage those interested in the details of WebID to engage at the foaf-protocols mailinglist, and that we here on this list discuss if and how it may be relevant to integrate WebID with other facets of FreedomBox - only summarizing on those aspects discussed in-depth at that more appropriate list.
My point is not to shoot something, just trying to understand. My questions were similar to the one Daniel asked, maybe in a more naive way.
Sorry, I did not mean to treat Daniel as smart and you not. I simply responded in greater length to that first of three emails in this thread, then realized I might be too detailed (not eating my own dogfood - see my comment right above) and therefore responded only briefly on the others, including this one.
[other parts snippet - probably better answered by Henry or others] - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: Digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
