Identity and Authentication Systems

From Konfidi
Jump to: navigation, search

Identifiers are the "X" and the "Y" in "X trusts Y" declarations, which are stored in RDF. Authentication methods are used in a client, before querying the TrustServer to compute a trust value.

Until we have a better idea, you must PGP-sign your RDF trust declarations, so that the origin of those declarations can be verified again later by anyone. Other possibilities, like OpenID, only authenticate the session not the document, so it cannot be independently verified later.

Identifier Authentication Method Supported in Konfidi
OpenPGP fingerprint OpenPGP signature Yes
RDF URI none planned
email address SPF planned
email address DKIM planned
YADIS URL OpenID planned
X.509 Subject Unique Identifier X.509 Signature
JabberID ?

See also FOAF Unique Identifiers