On 01/30/2009 06:39 PM, Peter Thomas wrote:
On Fri, Jan 30, 2009 at 9:06 PM, Daniel Kahn Gillmor
this assumes that the policies are machine-parseable in a form that
includes conflict resolution, no?
Why? All policies might have a human readable chapter "X. In case of
policy conflicts", where they explain what should happen.
what form are you proposing? my
reading of the RFC is that there is no restriction on what can be
contained in the policy URI.
I don't see that point why this would have to be machine-readable.
Hrm, thinking about this now, i'm not sure why it would necessarily need
to be machine-readable. I think i was thinking that there would be ways
to mechanize your interpretations of various signatures based on the
policy decisions.
This would require some good work sorting out common policies that could
then be referred to by URL, sort of like how Creative Commons has sorted
out some common licensing arrangements which can be identified by URL:
http://creativecommons.org/licenses/by-sa/3.0
uniquely identifies a well-known license, and people are building tools
to automatically assemble indexes of content that's been licensed that way.
If a group did the same type of work for certification policies that CC
has done in regard to content licensing, then you could begin to build
similar sorts of tools to interpret human-centered policy preferences
through the web of trust.
This is a more ambitious project, though, and you're right to question
the need for every policy to be machine-interpretable.
--dkg
signature.asc
Description: OpenPGP digital signature