Re: Web ID as passwordless authentication for debian web services

To: debian-devel@lists.debian.org
Subject: Re: Web ID as passwordless authentication for debian web services
From: Stéphane Glondu <glondu@debian.org>
Date: Fri, 17 May 2013 08:37:59 +0200
Message-id: <[🔎] 5195D047.3090901@debian.org>
In-reply-to: <[🔎] 87d2sqydif.fsf@windlord.stanford.edu>
References: <[🔎] 87y5btehw3.fsf@gkar.ganneff.de> <[🔎] 8738tpwxtk.fsf@inf-8657.int-evry.fr> <[🔎] 20130514140321.23166.32356@bastian.jones.dk> <[🔎] 5193133C.7050506@fifthhorseman.net> <[🔎] 87li7fy6am.fsf@poker.hands.com> <[🔎] 51949F6F.3010700@debian.org> <[🔎] 20130516102031.29499.62330@bastian.jones.dk> <[🔎] 87r4h7kk2r.fsf@windlord.stanford.edu> <[🔎] 519506ED.6030002@debian.org> <[🔎] 87li7ekhjh.fsf@windlord.stanford.edu> <[🔎] 20130516182856.29499.68327@bastian.jones.dk> <[🔎] 87d2sqydif.fsf@windlord.stanford.edu>

Le 16/05/2013 20:40, Russ Allbery a écrit :
> What am I missing?
> 
> I suppose one thing that I could be missing is that, with a certificate,
> you have no privacy controls over what metadata you release.  Whatever you
> put in the certificate is visible to anyone who looks at the certificate.
> (Well, you could encrypt it and then distribute a separate key, but that's
> getting into pointless complexity.)  Whereas in theory your WebID endpoint
> could release different metadata depending on who asks. [...]

I understood that as the main point of WebID.

> [...] But since WebID
> doesn't authenticate the entity asking for metadata, I'm not sure that's
> really what's going on.

The entity asking for metadata can authenticate using the same
mechanism... as Jonas pointed out, WebID works also for inter-server
authentication.


Cheers,

-- 
Stéphane

Reply to:

References:
- Developer repositories for Debian
  - From: Joerg Jaspert <joerg@ganneff.de>
- Re: Developer repositories for Debian
  - From: Olivier Berger <obergix@debian.org>
- Re: Developer repositories for Debian
  - From: Jonas Smedegaard <dr@jones.dk>
- Web ID as passwordless authentication for debian web services [was: Re: Developer repositories for Debian]
  - From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Re: Web ID as passwordless authentication for debian web services [was: Re: Developer repositories for Debian]
  - From: Philip Hands <phil@hands.com>
- Re: Web ID as passwordless authentication for debian web services [was: Re: Developer repositories for Debian]
  - From: Stéphane Glondu <glondu@debian.org>
- Re: Web ID as passwordless authentication for debian web services [was: Re: Developer repositories for Debian]
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Web ID as passwordless authentication for debian web services
  - From: Russ Allbery <rra@debian.org>
- Re: Web ID as passwordless authentication for debian web services
  - From: Wouter Verhelst <wouter@debian.org>
- Re: Web ID as passwordless authentication for debian web services
  - From: Russ Allbery <rra@debian.org>
- Re: Web ID as passwordless authentication for debian web services
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Web ID as passwordless authentication for debian web services
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: Apport for Debian
Next by Date: Re: systemd^wfoo on linux, bar on bsd,so what (Re: /bin/sh (was Re: jessie release goals)
Previous by thread: Re: Web ID as passwordless authentication for debian web services
Next by thread: Re: Web ID as passwordless authentication for debian web services
Index(es):
- Date
- Thread