From: Derrick Lyndon Pallas <[EMAIL PROTECTED]> Date: 02/09/2007 5:19:12 PM +0100 > >> On 02/03/2007 Ara Pehlivanian <[EMAIL PROTECTED]> wrote: >> >>> So then that settles the issue of authentication. If a third party >>> consumer that reads the hCard wants to validate its authenticity, it >>> can simply use the key (if present). It could further match all linked >>> hCard keys to validate the chain's integrity. N'est pas? >>> > >> Henrich C. Poehls wrote: >> But then we still need to verify (get some trust) that the public-key >> used to verify the digital signature actually belongs to the person we >> assumed (e.g. A public-key certificate issued/signed by VeriSign). Only >> then we have authenticated the hcard of that person via a digital >> signature. >> > How many people actually pay the VeriSign fee to have their key-pair > signed? Not anyone I know.
Self-signed certificates, Company Email-Certificates, or PGP's Web of Trust work for many other applications (e.g. email, chat, ...). I see no reason why they would not be useful "authenticating" the content we author. > And what does it give us that we don't > already have? If you're going to follow chains to hCards, > > 1.) anyone can copy the signature and insert it into an identical hCard > on another site, so you have to make sure that authoritative URL is > somewhere in the hCard and marked as authoritative If the hcard copied is "identical" than it would of course have the same URL the original hcard had, if it is not "identical" (e.g. spoofed, modified) than a copied signature would not validate. Thinking of services that for example aggregate hcards I see value in having the re-displayed hcard (copied and re-published on another site) still signed by the original author. > 2.) anyone can link to an hCard pretending to be the owner, so you have > to check the XFN links to "me"; therefore, users have to update and > re-sign their signature every time a resource (they want to be in the > chain) links to their "authoritative" hCard; e.g. blog posts, which they > authored For Blog posts I would rather add a signature over the whole Blog post or Blog comment, than just over my hcard. Or maybe even over both. In general I think the signature shall cover the content you want to "secure". Everyone then can verify this without the need to go and search and trace the links to find an "authoritative" content. If a viewer finds the content at hand sufficient enough you can verify the signature. Only the first time the viewer needs to start looking to find and verify the author's public key. This can be done using existing services like PGP-Keyservers. > So we do a lot of extra work for not much benefit, except a false sense > of security because a big company is convinced that the person we think > we're looking at is (they think) the person they think we're looking at. I see your point that it adds overhead due to signature generation, and I also see your point that verifying digital signatures must be done right to achieve additional security. But if done right I think the security offered by a digital signature is much higher (or at least very different) than what the "authoritative"-content-trace-back-mechanism has to offer. Cheers, Henrich _______________________________________________ microformats-discuss mailing list microformats-discuss@microformats.org http://microformats.org/mailman/listinfo/microformats-discuss
