Regular WebID

WebID is a pretty nifty decentralized authentication scheme which lets you be yourself with several HTTPS webservers. It works with a browser-generated client certificate and a URL-based authentication scheme embedded into it (a UNI in PSYC-think). Used in the web-based way, however, it does not provide end-to-end encryption, but it does let you talk to many servers and be sure there is no man in the middle.

Distributed WebID

Using WebID in a distributed end-to-end way would make it a vector for encrypted end-to-end communications. Notes on how to do distributed WebID using F2F routing technology:

  1. generate multiple F2F key pairs with a WebID each, introduce priority
  2. WebID resolution becomes based on DHT + pubkey (it's just a URI for it)
  3. allow apps on the net to contact a person via DHT instead of home server
  4. sharing identity over several user agents is annoying (moving USB sticks around and the like) unless you enable multiple keys per identity anyway
  5. can we let a web-browser generate the WebID? difficult: requires all talking partners to always speak to the browser unless we teach partners about all of our public keys, so they can choose one that works without the user running her browser

This type of DHT usage is typically prone to Sybil attacks, however, so we shouldn't pursue this path. How did this end up on the secushare website anyhow? GNS and GNUnet have ways to employ DHT that aren't prone to Sybil attacks, and they imply the conscious use of the distributed private social graph, which WebID doesn't.