W3C home > Mailing lists > Public > public-lod@w3.org > February 2010

Re: [foaf-protocols] Storing PKCS#12 inside FOAF profile for FOAF+SSL

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 22 Feb 2010 10:04:55 -0500
Message-ID: <4B829D17.6060106@openlinksw.com>
To: nathan@webr3.org
CC: Story Henry <henry.story@bblfish.net>, Linked Data community <public-lod@w3.org>, foaf-protocols@lists.foaf-project.org
Nathan wrote:
> Story Henry wrote:
>   
>> On 22 Feb 2010, at 14:50, Nathan wrote:
>>
>>     
>>> Melvin Carvalho wrote:
>>>       
>>>> CC: foaf-protocols
>>>>
>>>> On 22 February 2010 14:40, Nathan <nathan@webr3.org> wrote:
>>>>
>>>>         
>>>>> Hi All,
>>>>>
>>>>> As per the subject, I'm very tempted to store a base64 encoded versions
>>>>> of my PKCS#12 certificate store file inside my FOAF profile; this way at
>>>>> any point I can simply download it; decode it and pop it in whatever
>>>>> client browser I want; knowing that it can only be unlocked with the
>>>>> password only I know.
>>>>>
>>>>> Thoughts, Opinions?
>>>>>           
>>> talked myself out of it; I'd leave my identity open to a brute force
>>> attack to crack the password; anybody could simply download my FOAF;
>>> base64_decode the pkcs#12 and then brute force it open.
>>>       
>> Yes, check out the foaf+ssl  protocol. It's very easy to create public key pairs, one for each browser, and it really makes sense to publish the public key there, using the cert and rsa ontologies
>>  
>>    http://esw.w3.org/topic/foaf+ssl
>>
>>     
>
> So I can just chain up multiple public key pairs in my FOAF profile ya?
>
> <?xml version="1.0" encoding="ISO-8859-1"?>
> <rdf:RDF
> 	xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
> 	xmlns:cert="http://www.w3.org/ns/auth/cert#"
> 	xmlns:rsa="http://www.w3.org/ns/auth/rsa#">
> <rsa:RSAPublicKey>
>    .. key one
> </rsa:RSAPublicKey>
> <rsa:RSAPublicKey>
>    .. key two
> </rsa:RSAPublicKey>
>   .. and so on
> </rdf:RDF>
>
> correct?
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols@lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>
>   
Nathan,

Have you looked at:

1. 
http://ods.openlinksw.com/dataspace/dav/wiki/ODS/GetAPersonalURIIn5MinutesOrLess
2. http://ods.openlinksw.com/dataspace/dav/wiki/ODS/ODSPkiSetup
3. http://ods.openlinksw.com/dataspace/dav/wiki/ODS/ODSBriefcaseFOAFSSL

-- 

Regards,

Kingsley Idehen	      
President & CEO 
OpenLink Software     
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen 
Received on Monday, 22 February 2010 15:05:25 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:24:25 UTC