Le 16/05/2013 20:40, Russ Allbery a écrit : > What am I missing? > > I suppose one thing that I could be missing is that, with a certificate, > you have no privacy controls over what metadata you release. Whatever you > put in the certificate is visible to anyone who looks at the certificate. > (Well, you could encrypt it and then distribute a separate key, but that's > getting into pointless complexity.) Whereas in theory your WebID endpoint > could release different metadata depending on who asks. [...]
I understood that as the main point of WebID. > [...] But since WebID > doesn't authenticate the entity asking for metadata, I'm not sure that's > really what's going on. The entity asking for metadata can authenticate using the same mechanism... as Jonas pointed out, WebID works also for inter-server authentication. Cheers, -- Stéphane -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5195d047.3090...@debian.org
