-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/22/2010 12:33 PM, Lucas Stadler wrote: >>> The last basic data type is also the most important. It contains >>> the definition of the information about a particular persons. I >>> call this an 'identity'. The minimal information that is required >>> to be part of the idea, is a foaf:Person definition with a public >>> key defined in it (WOT - Web of Trust). As I thought that a user >>> should only make availlable what he/she wants, one can also decide >>> to encrypt part of the identity and therefor restrict access to >>> a group. (Again, more on this (the groups) later.) >> >> Have you looked at foaf+ssl? >> http://esw.w3.org/Foaf%2Bssl/FAQ >> >> Henry > Actually I did have a look at it, but I do not know if it is good to > require all users having to have an URI, because you either need to > own a domain or find some kind person to give a subdomain or whatever > to you. And if one would use an URI such as http://facebook.com/~me > or something like this, we would end up depending on them anyway. > Is this view correct or somehow ... wrong? >
Having a URI like this does not create the same kind of dependence that a service like Facebook does now, the main difference being that with this sort of scheme, the user can *very* easily switch providers, because the handle is just a convenient way of redirecting requests to you (your server?). > I know had a further look at it and it seems that one needs to have a > web server to use it. At least that is what I guessed from [1]. But I > think that it should be possible to retrieve such a document just by > establishing a connection through TCP or whatever direct connection > one could have between two nodes and encrypt that with SSL. > Personally, I do prefer this method, as the emphasis on the idea was > that of p2p connections. Nonetheless, I think that it is important to > support both, even if the latter would require a server and a domain. > > [1] http://blogs.sun.com/bblfish/entry/foaf_ssl_adding_security_to > > It's good to support both, but I think that the direct, P2P approach might be a better one for two reasons that I can think of at the moment: 1. Some (most?) ISPs prohibit the running of webservers by their customers, but very few block/modify P2P traffic. 2. I have the feeling that it would be much easier to implement and use the P2P approach than the "everyone has a webserver" approach. - -- Henry L -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJL0McnAAoJEIRrI0p6YC9XpcoQAK3xjL5PqpVYMCbZUAigWz3l kgBVpC9rbj3YdcqLq5L7i1Zq22fZJoJk9JispQWBBhW/GaQz06qSH43jk0aewTTO aGmD4uwWyhiTU9tTrhW8h34rgm0Lj6rjaNfkNapTaufxvnKyDkHXr1Rd5RIep3KF GKG6vIPDp6OZMxt9SqUn6VGzmAdROdihSx2CKVtGYweRP2uH9zsqrTNWXMA0q7fU Z7cSbAKk/Q068h0QgWCDDAFKA1vRKm8xv2dBuNvx6u9wHc5DUAjJFYNeGdY4RgBe Itmjz/S5s+u0pbkAnfp6gi+qrQ/FEAawhYdwPdlR6GuIJWKmdM+IPr/CCw6A/Hw+ Y0d8iBJXYrIwVVL/2lIK9kN7whMHyylhwyQixEvc2l4/dF4A2Paxp5PnsWM/aOUl 9GSewAp5TjOM9j2SNT40lbcF4tdDPO1jDjUo7sA8++P2vJnZjkvhwhqHt5ZPFMUo HQh8UyZYi9jGqsf0VCP1/Dkr5LYBFOk3GZUcBB2TWnqg62S82zhBh4QcopFaz5gC Gru7mWndEk/J14XeY8q3jmMjk6//zxmDjIyZHJ7Hw3wCq2D3jOp5D8zigmsQ6+VT cPyLLpOP4yM0tK+q8AD2d+dlIpUOJ2o/GuYPQt9iAzaOI9XqKilAqC4dABbrbUST FVB2eysyAsu8TsIqIl/q =Iz7d -----END PGP SIGNATURE-----
