home.social

#dpki — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #dpki, aggregated by home.social.

  1. Keep in mind that you can "add and remove SSL" without #Cloudflare too.

    These days supposedly it's at least easier to catch this being done, but who checks the CT logs?

    #DPKI is the only way to solve this.

    https://okturtles.org/dpki/

    @pojntfx

    RT: https://mastodon.social/users/pojntfx/statuses/115266889590878748
  2. #Identity #Authenticity, remains a HUGE problem at the #Internet->#Web->#SocialMedia levels. It's so big that it has trivially imploded #Twitter via the recent Blue Checkmark/Badge disaster.

    A #SemanticWeb solves this headache, once understood, by way of #TLS integration using a #Hyperlink -- as demonstrated by protocol extensions such as #NetIDTLS and #WebIDTLS.

    Here's a post that includes a NetIDTLS Sequence Flow Diagram to aid understanding.

    community.openlinksw.com/t/how

    #LinkedData #DPKI

  3. #Identity #Authenticity, remains a HUGE problem at the #Internet->#Web->#SocialMedia levels. It's so big that it has trivially imploded #Twitter via the recent Blue Checkmark/Badge disaster.

    A #SemanticWeb solves this headache, once understood, by way of #TLS integration using a #Hyperlink -- as demonstrated by protocol extensions such as #NetIDTLS and #WebIDTLS.

    Here's a post that includes a NetIDTLS Sequence Flow Diagram to aid understanding.

    community.openlinksw.com/t/how

    #LinkedData #DPKI

  4. #Identity #Authenticity, remains a HUGE problem at the #Internet->#Web->#SocialMedia levels. It's so big that it has trivially imploded #Twitter via the recent Blue Checkmark/Badge disaster.

    A #SemanticWeb solves this headache, once understood, by way of #TLS integration using a #Hyperlink -- as demonstrated by protocol extensions such as #NetIDTLS and #WebIDTLS.

    Here's a post that includes a NetIDTLS Sequence Flow Diagram to aid understanding.

    community.openlinksw.com/t/how

    #LinkedData #DPKI

  5. #Identity #Authenticity, remains a HUGE problem at the #Internet->#Web->#SocialMedia levels. It's so big that it has trivially imploded #Twitter via the recent Blue Checkmark/Badge disaster.

    A #SemanticWeb solves this headache, once understood, by way of #TLS integration using a #Hyperlink -- as demonstrated by protocol extensions such as #NetIDTLS and #WebIDTLS.

    Here's a post that includes a NetIDTLS Sequence Flow Diagram to aid understanding.

    community.openlinksw.com/t/how

    #LinkedData #DPKI

  6. #Identity #Authenticity, remains a HUGE problem at the #Internet->#Web->#SocialMedia levels. It's so big that it has trivially imploded #Twitter via the recent Blue Checkmark/Badge disaster.

    A #SemanticWeb solves this headache, once understood, by way of #TLS integration using a #Hyperlink -- as demonstrated by protocol extensions such as #NetIDTLS and #WebIDTLS.

    Here's a post that includes a NetIDTLS Sequence Flow Diagram to aid understanding.

    community.openlinksw.com/t/how

    #LinkedData #DPKI

  7. There are approx. 5.25 billion+ people on the internet (and growing). These numbers also highlight importance of the ubiquitous Transport Layer Security (#TLS) protocol as critical infrastructure for solving #identity authenticity challenges afflicting Internet & Web users.

    I shed some simplified light on the workings of this protocol in a new blog post that also doubles as a #ChatGPT, #Mermaid, and #KnowledgeGraph utility showcase.

    community.openlinksw.com/t/how

    #DPKI #PKI #NetIDTLS #YouID

  8. There are approx. 5.25 billion+ people on the internet (and growing). These numbers also highlight importance of the ubiquitous Transport Layer Security (#TLS) protocol as critical infrastructure for solving #identity authenticity challenges afflicting Internet & Web users.

    I shed some simplified light on the workings of this protocol in a new blog post that also doubles as a #ChatGPT, #Mermaid, and #KnowledgeGraph utility showcase.

    community.openlinksw.com/t/how

    #DPKI #PKI #NetIDTLS #YouID

  9. There are approx. 5.25 billion+ people on the internet (and growing). These numbers also highlight importance of the ubiquitous Transport Layer Security (#TLS) protocol as critical infrastructure for solving #identity authenticity challenges afflicting Internet & Web users.

    I shed some simplified light on the workings of this protocol in a new blog post that also doubles as a #ChatGPT, #Mermaid, and #KnowledgeGraph utility showcase.

    community.openlinksw.com/t/how

    #DPKI #PKI #NetIDTLS #YouID

  10. There are approx. 5.25 billion+ people on the internet (and growing). These numbers also highlight importance of the ubiquitous Transport Layer Security (#TLS) protocol as critical infrastructure for solving #identity authenticity challenges afflicting Internet & Web users.

    I shed some simplified light on the workings of this protocol in a new blog post that also doubles as a #ChatGPT, #Mermaid, and #KnowledgeGraph utility showcase.

    community.openlinksw.com/t/how

    #DPKI #PKI #NetIDTLS #YouID

  11. There are approx. 5.25 billion+ people on the internet (and growing). These numbers also highlight importance of the ubiquitous Transport Layer Security (#TLS) protocol as critical infrastructure for solving #identity authenticity challenges afflicting Internet & Web users.

    I shed some simplified light on the workings of this protocol in a new blog post that also doubles as a #ChatGPT, #Mermaid, and #KnowledgeGraph utility showcase.

    community.openlinksw.com/t/how

    #DPKI #PKI #NetIDTLS #YouID

  12. How verifiable credentials generated by @youid enable self-sovereign identity (#SSI): a user-controlled approach to #identity, via #HTTPS session initialization using Client Certificate Authentication (CCA).

    Watch: youtu.be/n6DZeqcqkwM

    Adding this as an identity verification option, alongside "rel=me", enhances user #privacy and identity authenticity across the #Fediverse.

    /cc @openlink @youid @atomicpoet @judell @Mastodon @evan

    #DPKI #LinkedData #NetID #NetIDTLS #Screencast

  13. How verifiable credentials generated by @youid enable self-sovereign identity (#SSI): a user-controlled approach to #identity, via #HTTPS session initialization using Client Certificate Authentication (CCA).

    Watch: youtu.be/n6DZeqcqkwM

    Adding this as an identity verification option, alongside "rel=me", enhances user #privacy and identity authenticity across the #Fediverse.

    /cc @openlink @youid @atomicpoet @judell @Mastodon @evan

    #DPKI #LinkedData #NetID #NetIDTLS #Screencast

  14. How verifiable credentials generated by @youid enable self-sovereign identity (#SSI): a user-controlled approach to #identity, via #HTTPS session initialization using Client Certificate Authentication (CCA).

    Watch: youtu.be/n6DZeqcqkwM

    Adding this as an identity verification option, alongside "rel=me", enhances user #privacy and identity authenticity across the #Fediverse.

    /cc @openlink @youid @atomicpoet @judell @Mastodon @evan

    #DPKI #LinkedData #NetID #NetIDTLS #Screencast

  15. How verifiable credentials generated by @youid enable self-sovereign identity (#SSI): a user-controlled approach to #identity, via #HTTPS session initialization using Client Certificate Authentication (CCA).

    Watch: youtu.be/n6DZeqcqkwM

    Adding this as an identity verification option, alongside "rel=me", enhances user #privacy and identity authenticity across the #Fediverse.

    /cc @openlink @youid @atomicpoet @judell @Mastodon @evan

    #DPKI #LinkedData #NetID #NetIDTLS #Screencast

  16. How verifiable credentials generated by @youid enable self-sovereign identity (#SSI): a user-controlled approach to #identity, via #HTTPS session initialization using Client Certificate Authentication (CCA).

    Watch: youtu.be/n6DZeqcqkwM

    Adding this as an identity verification option, alongside "rel=me", enhances user #privacy and identity authenticity across the #Fediverse.

    /cc @openlink @youid @atomicpoet @judell @Mastodon @evan

    #DPKI #LinkedData #NetID #NetIDTLS #Screencast

  17. @openlink @youid @atomicpoet @judell,

    By more.. I mean:

    The Link In Bio profile document generation is going to get a lot easier i.e., cross-references to other profile pages will be handled via the @youid credentials capturing form; and this is restricted to an arbitrary number i.e., you can provide more than 4 cross-references if so required.

    #Identity #Authenticity #SSI #X509 #DPKI #NetID #NetIDTLS

  18. @openlink @youid @atomicpoet @judell,

    By more.. I mean:

    The Link In Bio profile document generation is going to get a lot easier i.e., cross-references to other profile pages will be handled via the @youid credentials capturing form; and this is restricted to an arbitrary number i.e., you can provide more than 4 cross-references if so required.

    #Identity #Authenticity #SSI #X509 #DPKI #NetID #NetIDTLS

  19. @openlink @youid @atomicpoet @judell,

    By more.. I mean:

    The Link In Bio profile document generation is going to get a lot easier i.e., cross-references to other profile pages will be handled via the @youid credentials capturing form; and this is restricted to an arbitrary number i.e., you can provide more than 4 cross-references if so required.

    #Identity #Authenticity #SSI #X509 #DPKI #NetID #NetIDTLS

  20. @openlink @youid @atomicpoet @judell,

    By more.. I mean:

    The Link In Bio profile document generation is going to get a lot easier i.e., cross-references to other profile pages will be handled via the @youid credentials capturing form; and this is restricted to an arbitrary number i.e., you can provide more than 4 cross-references if so required.

    #Identity #Authenticity #SSI #X509 #DPKI #NetID #NetIDTLS

  21. @openlink @youid @atomicpoet @judell,

    By more.. I mean:

    The Link In Bio profile document generation is going to get a lot easier i.e., cross-references to other profile pages will be handled via the @youid credentials capturing form; and this is restricted to an arbitrary number i.e., you can provide more than 4 cross-references if so required.

    #Identity #Authenticity #SSI #X509 #DPKI #NetID #NetIDTLS

  22. @openlink @youid Wonderful!

    What is this about?

    User-controlled self-sovereign #identity (#SSI) that scales to both the #Internet & #Web.

    @youid generates:

    [1] Public & Private Credentials that can be reconciled as part of an extended #TLS handshake

    [2] An #HTML-based profile doc comprising verifiable credentials -- what's also referred to as a Link In Bio doc

    More to come..

    /cc @atomicpoet @judell

    #YouID #NetID #NetIDTLS #Privacy #RWW #X509 #WebID #PKI #DPKI

  23. @openlink @youid Wonderful!

    What is this about?

    User-controlled self-sovereign #identity (#SSI) that scales to both the #Internet & #Web.

    @youid generates:

    [1] Public & Private Credentials that can be reconciled as part of an extended #TLS handshake

    [2] An #HTML-based profile doc comprising verifiable credentials -- what's also referred to as a Link In Bio doc

    More to come..

    /cc @atomicpoet @judell

    #YouID #NetID #NetIDTLS #Privacy #RWW #X509 #WebID #PKI #DPKI

  24. @openlink @youid Wonderful!

    What is this about?

    User-controlled self-sovereign #identity (#SSI) that scales to both the #Internet & #Web.

    @youid generates:

    [1] Public & Private Credentials that can be reconciled as part of an extended #TLS handshake

    [2] An #HTML-based profile doc comprising verifiable credentials -- what's also referred to as a Link In Bio doc

    More to come..

    /cc @atomicpoet @judell

    #YouID #NetID #NetIDTLS #Privacy #RWW #X509 #WebID #PKI #DPKI

  25. @openlink @youid Wonderful!

    What is this about?

    User-controlled self-sovereign #identity (#SSI) that scales to both the #Internet & #Web.

    @youid generates:

    [1] Public & Private Credentials that can be reconciled as part of an extended #TLS handshake

    [2] An #HTML-based profile doc comprising verifiable credentials -- what's also referred to as a Link In Bio doc

    More to come..

    /cc @atomicpoet @judell

    #YouID #NetID #NetIDTLS #Privacy #RWW #X509 #WebID #PKI #DPKI

  26. @openlink @youid Wonderful!

    What is this about?

    User-controlled self-sovereign #identity (#SSI) that scales to both the #Internet & #Web.

    @youid generates:

    [1] Public & Private Credentials that can be reconciled as part of an extended #TLS handshake

    [2] An #HTML-based profile doc comprising verifiable credentials -- what's also referred to as a Link In Bio doc

    More to come..

    /cc @atomicpoet @judell

    #YouID #NetID #NetIDTLS #Privacy #RWW #X509 #WebID #PKI #DPKI

  27. @Cyberpunk @protonmail Anyway, are you saying that digitally signed emails are supported, but strictly via #OpenPGP? If so, that's at least better than nothing -- despite an inability to leverage a #SemanticWeb for building filters that address challenges posed by both #SPAM and #phishing

    #Email #SMIME #PKI #DPKI #Identity #Authenticity

  28. @Cyberpunk @protonmail,

    Yes, and my fundamental issue has more to do with offering users choice, since there's functionality in #SMIME that isn't available via #OpenPGP.

    For example, #X509 cert subject naming using a #hyperlink that resolves to a public profile doc.

    That capability enables sophisticated filters construction for fighting #phishing attacks via #DPKI (rather than centralized #PKI)

    Choice is important.

  29. @bertrand,
    We have different scenarios (enterprise or personal) where #Identity #Authenticity is achieved via common use of #DPKI (enhanced by #hyperlink based subject denotation that resolves to a machine-computable entity relationship graph [the subjects profile data]).

    #SSI as I've been speaking about relates to the individual seeking control over their identity and privacy at #Web and #Internet scales.

    /cc @meneer @aniltj @w3c

  30. @bertrand,

    Yes, in the enterprise scenario ldap: scheme identifiers denote cert subject. The more important part is that #Identity #Authenticity happens using #DPKI (enabled by ldap: URI lookup into directory for credentials cross-reference).

    In the DPKI realm that I describe:
    #TLS handshake is enhanced via Identifier resolution from cert to an entity relationship graph (credentials mirror) re trust. Not a centralized certificate authority.

    /cc @meneer @aniltj @w3c

  31. @meneer @bertrand @aniltj @w3c The kind of IAM covered in that article isn't what I am speaking about, fundamentally.

    I am speaking about the ability of an individual to function as both issuer and holder of their credentials leaving scalable #PKI (i.e., #DPKI) to handle #Identity #Authenticity via machine-computable semantics discerned from profile data.

    Private and public credentials are reconciled as part of a #TLS handshake, courtesy of machine-computable entity relationship type semantics

  32. @meneer,

    Points 1-3 handle #Identity #Authenticity.

    Authenticated identity principals are then subject to ACL tests during CRUD operations.

    The issue of contention here boils down to #ZeroTrust #SSI using #PKI (which doesn't scale for end-users) vs #DPKI (which solves the scalability problem via the combination of #hyperlinks and logic discerned from machine-computable entity relationship type semantics).

    I think its best I write a blog post about this.

    /cc @bertrand @aniltj @w3c

  33. @meneer,

    To be clear, I am a firm believer in loosely-coupling the following:

    1. #Identity -- via identifiers (e.g., a #hyperlink)
    2. #Identification -- via credentials (graph)
    3. #authentication -- using various protocols
    4. #authorization -- access controls (eg #ABAC)
    5. #storage -- file systems or #DBMS

    When I speak about #DPKI and #ZeroTrust the focal points are 1-3.

    #HTTP offers abstraction atop the #Internet that deemphasizes #DNS re entity naming.

    /cc @bertrand @aniltj @w3c

  34. @bertrand ,

    The scalability problem with #PGP arises from the need for in-person signing parties.

    That's solved by using a #hyperlink to denote the subject of an #X509 cert that resolves to a profile document comprising matching credentials from said cert. This triangulation happens at the end of a #TLS handshake re scalable #ZeroTrust based #DPKI.

    /cc @meneer @aniltj @w3c

    #NetIDTLS #HTTPS #Identity #Authenticity #SSI

  35. @meneer,

    Okay, let's focus on the issue of trust en route to clarity.

    #ZeroTrust is an approach to this matter based on the cryptographic verification of credentials as demonstrated by #PKI for eons.

    The trouble with conventional #PKI is that it depends solely on Certificate Authorities (CAs).

    #DPKI is a variant of the approach without sole dependence on CAs, and this has nothing to do with #Blockchain re the #SSI that I am speaking about.

    Does this clear up my focus?

    /cc @aniltj @w3c

  36. @kidehen @aniltj @w3c an individual can generate and manage a self-sovereign identity, but without trust, how can it be used? That's not what zero trust is about.. 🤣

    I can create my own CA, but if there is no cross certification, no trust, what does it add? It can be an unattached identity at most. Useless to get access.

    And in #DPKI... why should I trust a #blockchain? You got it, I don't buy that tech yet. Blockchain is garbage in - garbage forever.
    Trust is not an award.

  37. @meneer,

    An individual doesn't need a CA in the mix to attain trust, that's required on the backend if you are providing e-commerce (e.g., Amazon.com etc).

    An individual can use a #ZeroTrust algorithm as the basis for establishing trust with family, groups etc..

    That's what #DPKI solves for, via #X509, #TLS, and machine-computable entity relationship type semantics.

    These issues have been deeply thought through over the years. 😀

    /cc @aniltj @w3c

    #NetID #YouID #NetIDTLS

  38. @meneer,

    I am not seeing the disconnect between what you are describing and the use of #DPKI (rather than centralized #PKI) for #SSI.

    There are machine-computable semantics inherent in relationship types (e.g., schema.org/sameAs) that connect you with your various Profile Docs re #Identity #Authenticity proofs.

    "rel=me" (used by @Mastodon) is similar but limited re what #DPKI can offer, since users rarely have #metadata control over profile docs from 3rd parties

    /cc @aniltj @w3c

  39. @meneer,

    Great question!
    A the core of what I describe lies the fact that authenticity is no longer a function of a centralized CA; rather, the triangulation of a "proof of control" scoped to:

    1. Private Key possession
    2. Profile Document Control
    3. #X509 Cert Credentials cross-referencing to what's in #1

    #DPKI is about #Identity #Authenticity proof without centralized CAs, courtesy of #Hyperlink based subject naming and the connectivity it unleashes :)

    /cc @aniltj @w3c

  40. @aniltj,

    #LinkedData is essential to user-controlled #Identity #Authenticity and #Privacy.

    I can demonstrate that with ease, and debate (with live examples) any #BigTech vendor rep that would like to covertly claim otherwise.

    #DPKI is real, and it works for users seeking full control over their identity and privacy. It doesn't work for vendors seeking to exploit users covertly via the "bit of privacy" approach!

    /cc @atomicpoet @Mastodon @youid

    #NetID #YouID #NetIDTLS #TLS #WebID

  41. @aniltj,

    #LinkedData is essential to user-controlled #Identity #Authenticity and #Privacy.

    I can demonstrate that with ease, and debate (with live examples) any #BigTech vendor rep that would like to covertly claim otherwise.

    #DPKI is real, and it works for users seeking full control over their identity and privacy. It doesn't work for vendors seeking to exploit users covertly via the "bit of privacy" approach!

    /cc @atomicpoet @Mastodon @youid

    #NetID #YouID #NetIDTLS #TLS #WebID

  42. @aniltj,

    #LinkedData is essential to user-controlled #Identity #Authenticity and #Privacy.

    I can demonstrate that with ease, and debate (with live examples) any #BigTech vendor rep that would like to covertly claim otherwise.

    #DPKI is real, and it works for users seeking full control over their identity and privacy. It doesn't work for vendors seeking to exploit users covertly via the "bit of privacy" approach!

    /cc @atomicpoet @Mastodon @youid

    #NetID #YouID #NetIDTLS #TLS #WebID

  43. @aniltj,

    #LinkedData is essential to user-controlled #Identity #Authenticity and #Privacy.

    I can demonstrate that with ease, and debate (with live examples) any #BigTech vendor rep that would like to covertly claim otherwise.

    #DPKI is real, and it works for users seeking full control over their identity and privacy. It doesn't work for vendors seeking to exploit users covertly via the "bit of privacy" approach!

    /cc @atomicpoet @Mastodon @youid

    #NetID #YouID #NetIDTLS #TLS #WebID

  44. @TheCollective_TIB Yep!

    #Privacy is self-calibration of individual vulnerability.

    There are 5.32 Billion+ #Internet users afflicted by implicit privacy compromise that can't be addressed by yet another third party service covertly pitching "a little privacy".

    A viable solution is one that:
    1. lets users generate & manage verifiable credentials
    2. integrates naturally with the #Web, #Internet, and existing native operating systems.

    #Identity #Authenticity #DPKI #SSI