Re: [uf-discuss] Authenticity of Authoritative hCard

2007-02-15 Thread Henrich C. Poehls
From: Derrick Lyndon Pallas <[EMAIL PROTECTED]> Date: 02/09/2007 5:19:12 PM +0100 > >> On 02/03/2007 Ara Pehlivanian <[EMAIL PROTECTED]> wrote: >> >>> So then that settles the issue of authentication. If a third party >>> consumer that reads the hCard wants to validate its authenticity, it >>> c

Re: [uf-discuss] Authenticity of Authoritative hCard

2007-02-09 Thread Nick Drago
All, Henrich's proposed method of incorporating digital signatures in Microformatted content is now available on the wiki [1]. We would appreciate feedback and suggestions (either directly on the wiki or via the mailing list). Many thanks, Nick [1]: http://microformats.org/wiki/digital-signatur

Re: [uf-discuss] Authenticity of Authoritative hCard

2007-02-09 Thread Derrick Lyndon Pallas
On 02/03/2007 Ara Pehlivanian <[EMAIL PROTECTED]> wrote: So then that settles the issue of authentication. If a third party consumer that reads the hCard wants to validate its authenticity, it can simply use the key (if present). It could further match all linked hCard keys to validate the c

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-09 Thread Henrich C. Poehls
Hello Ara, On 02/03/2007 Ara Pehlivanian <[EMAIL PROTECTED]> wrote: > On 2/1/07, John Allsopp <[EMAIL PROTECTED]> wrote: >> vCard has the property key - and so too does therefore hCard. vCard >> defines key (more or less, no cnnection this moment to quote directly) >> >> Specifies the public key o

Re: [uf-discuss] Authenticity of Authoritative hCard

2007-02-08 Thread NewsAgent 2000grad
Ryan Cannon said on Date: 02/07/2007 10:39:08 PM +0100 > On Feb 7, 2007, at 3:09 PM, Ryan King wrote: >>> Perhaps we need a "class="pgp-public-key" property for hCard? >> >> There's already a KEY field in vCard. From RFC2624: >> >>> Type purpose: To specify a public key or authentication certifica

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-08 Thread NewsAgent 2000grad
Hello, my name is Henrich C. Poehls, I have been reading the list for quite some while now, without writing. It has been very interesting to see that the topic of authoritative hcards led the discussion to the topic of trust and Digital Signatures. >> Perhaps we need a "class="pgp-public-key" pr

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-07 Thread Ryan Cannon
On Feb 7, 2007, at 3:09 PM, Ryan King wrote: Perhaps we need a "class="pgp-public-key" property for hCard? There's already a KEY field in vCard. From RFC2624: Type purpose: To specify a public key or authentication certificate associated with the object that the vCard represents. I'm su

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-07 Thread Ryan King
On Jan 31, 2007, at 8:41 AM, Andy Mabbett wrote: In message <[EMAIL PROTECTED]>, Ara Pehlivanian <[EMAIL PROTECTED]> writes what if someone registers ben-ward.net and puts up a fake card on that site. Perhaps we need a "class="pgp-public-key" property for hCard? There's already a KEY fiel

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-02 Thread Ara Pehlivanian
On 2/1/07, John Allsopp <[EMAIL PROTECTED]> wrote: vCard has the property key - and so too does therefore hCard. vCard defines key (more or less, no cnnection this moment to quote directly) Specifies the public key or authentication certificate associated with the entity the vcard represents S

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-02 Thread John Allsopp
Andy, vCard has the property key - and so too does therefore hCard. vCard defines key (more or less, no cnnection this moment to quote directly) Specifies the public key or authentication certificate associated with the entity the vcard represents thanks j On 31/01/2007, at 8:41 AM, And

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-01 Thread Andy Mabbett
In message <[EMAIL PROTECTED]>, Brian Suda <[EMAIL PROTECTED]> writes >This is an example in the wild. >http://www.informatik.uni-hamburg.de/SVS/personnel/henrich/index.php I wonder what an aural browser/ screen reader would make of that... -- Andy Mabbett

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-01 Thread Brian Suda
On 1/31/07, Andy Mabbett <[EMAIL PROTECTED]> wrote: In message <[EMAIL PROTECTED]>, Ara Pehlivanian <[EMAIL PROTECTED]> writes >what if someone registers ben-ward.net and puts up a fake >card on that site. Perhaps we need a "class="pgp-public-key" property for hCard? ;-) --- i'm not sure if

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-01 Thread Ara Pehlivanian
On 1/31/07, Andy Mabbett <[EMAIL PROTECTED]> wrote: Perhaps we need a "class="pgp-public-key" property for hCard? Intriguing... A. ___ microformats-discuss mailing list microformats-discuss@microformats.org http://microformats.org/mailman/listinfo/m

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-02-01 Thread Andy Mabbett
In message <[EMAIL PROTECTED]>, Ara Pehlivanian <[EMAIL PROTECTED]> writes >what if someone registers ben-ward.net and puts up a fake >card on that site. Perhaps we need a "class="pgp-public-key" property for hCard? ;-) -- Andy Mabbett

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Ben Ward
On 31 Jan 2007, at 17:03, Ben Ward wrote: The owner of Ben-Ward.net could have his own personal network of sites too, but they would not be linked to from my own authoritative hCard at ben-ward.co.uk/about. Nothing stops him add rel="me" to his hcard pointing to my site, but that takes us w

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Ben Ward
On 31 Jan 2007, at 15:50, Ara Pehlivanian wrote: Yes, but what if someone registers ben-ward.net and puts up a fake card on that site. Then he goes and publishes a partial hCard on myspace and points to ben-ward.net/about with rel="self me". He's effectively hijacked your identity and/or caused c

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread David Janes
On 1/31/07, Scott Reynen <[EMAIL PROTECTED]> wrote: On Jan 31, 2007, at 9:18 AM, David Janes wrote: > Open ID spells this out up front: authentication is not trust [1]. Nonetheless, people are trying to build trust systems on top of Open ID: http://simonwillison.net/2007/Jan/22/whitelisting/

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Ara Pehlivanian
On 1/31/07, David Janes <[EMAIL PROTECTED]> wrote: How if there's another Ben Ward? Sorry, lot's of people have thought about this problem in lots of different realms (as I mentioned, OpenID) and it's intractable. I guess there's no way to manage the partial hCards as they could point anywhere

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Scott Reynen
On Jan 31, 2007, at 9:18 AM, David Janes wrote: Open ID spells this out up front: authentication is not trust [1]. Nonetheless, people are trying to build trust systems on top of Open ID: http://simonwillison.net/2007/Jan/22/whitelisting/ This is another topic entirely, but it occurs to me t

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread David Janes
On 1/31/07, Ara Pehlivanian <[EMAIL PROTECTED]> wrote: Yes, but what if someone registers ben-ward.net and puts up a fake card on that site. Then he goes and publishes a partial hCard on myspace and points to ben-ward.net/about with rel="self me". He's effectively hijacked your identity and/or ca

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Ara Pehlivanian
If you mean, someone at 'BenWardSmellsAwful.com' (don't register that, please) writing an hCard and linking to ben-ward.co.uk/about with rel="self me", the relationship is such that the Fake Ben's hcard is discarded in favour of my real one. This does not allow someone to describe 'this hCard here

Re: [uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread David Janes
On 1/31/07, Ben Ward <[EMAIL PROTECTED]> wrote: The authoritative version of the hCard is only going to be relative to the published hCard itself. The situation doesn't change. Someone could already write an inaccurate hCard for me on their website. They could write a more thorough version and l

[uf-discuss] Authenticity of Authoritative hCard (was: Re: Vote on this: rel="me self" to indicate an authoritative hCard)

2007-01-31 Thread Ben Ward
On 31 Jan 2007, at 14:49, Ara Pehlivanian wrote: Just to stir the pot a little, and maybe it's a good idea to consider authenticity in the whole discussion of authoritative cards. What guarantees that when someone creates an hCard and puts rel="me self" that they are giving the correct URL and th