[OpenID] cryptographics web of trust
Peter Williams
pwilliams at rapattoni.com
Fri Aug 17 17:56:09 UTC 2007
> Now, I want my OpenID-Consumer robot to merge a signed/wot FOAF
> file that it _pulls_ ...with its own FOAF file (and its wot).
What kind of robot would this be? Something like Baetnik
http://blogs.sun.com/bblfish/entry/beatnik_change_your_mind
The "agent/robot" exists the JanRain.c# OpenId-Consumer. My code pulls FOAF file rather than XRDS file, de-serializing it into memory. Now I must perform "FOAF/wot resolution", in place of XRI resolution. After than, ai can bother to verify byte-level signatures.
I also de-serialize the OpenID-consumer's FOAF file (into the same triple store) to "direct" the resolution process.
Wot resolution is thus a test: Does agent's wot "connect up" with the user's wot, at some mutual "trust point". Trivally, that trust point MAY be the OpenID Consumer's "trust point" URI, a signal used in OpenID Auth protocol.
Wot-resolution should test for the "bestness" of trust points, if it finds 2 or more (using DARPA/RFC1422-era confidence metrics - computed using a heuristic search algorithm, now out of patent control)
Ideally, someone has a script in some RDF Query language to test for person-person connectivity between two sets of friend-relations. If it exists, I'll repurpose the (ideally SPARQL) query script to perform the analogous wot resolution, using the 2 sets of wot elements from the 2 FOAF files.
More information about the general
mailing list