Re: Getting Serious about WebID Bootstrap

Hi Bart

I was not able to validate your certificate with Thunderbird. The 
certificate issuer (O=netage) is not trusted. Also there was no self 
signed CA certificate displayed to me by Thunderbird, so I cannot tell 
whether you included this in your certificate chain or not. I suspect not.

After exporting your cert to a file, it was not possible to import it 
into either Thunderbird or Firefox as the signer is unknown and 
untrusted. So I am not able to validate your signed message

regards

David



On 29/09/2012 09:43, Bart van Leeuwen wrote:
> Hi Kingsley,
>
> You are right ! we need to start using it ourselves as well !
>
> I'm sending this message with Lotus Notes 8.5 and signed it with my
> WebID certificate.
>
> The only 'issue' I had was that the webid certificate should include a
> certification chain, I used XCA on linux to create a selfsigned CA and
> then created a WebID certificate with that.
> Exported the certificate as PKCS#12 format with keychaing and used the
> following guide to import it.
>
> http://www.oreillynet.com/sysadmin/blog/2005/08/sending_smime_encryptedsigned.html
>
>
> Met Vriendelijke Groet / With Kind Regards
> Bart van Leeuwen
> @semanticfire
>
> ##############################################################
> # netage.nl
> # http://netage.nl <http://netage.nl/>
> # Enschedepad 76
> # 1324 GJ Almere
> # The Netherlands
> # tel. +31(0)36-5347479
> ##############################################################
>
>
>
> From: Kingsley Idehen <kidehen@openlinksw.com>
> To: "public-rww@w3.org" <public-rww@w3.org>, WebID XG
> <public-xg-webid@w3.org>,
> Date: 28-09-2012 13:37
> Subject: Getting Serious about WebID Bootstrap
> ------------------------------------------------------------------------
>
>
>
> All,
>
> Bootstrapping anything on the Web requires technology implementer to use
> (dog-food) whatever technology they seek to promote to others. Thus, I
> would like to encourage every participant in the RWW and WebID community
> groups to make a best-effort to start signing emails, moving forward.
>
> Naturally, these emails should be signed using an WebID watermarked
> X.509 certificate. Certificate generation choices include:
>
> 1. Native generators that come with your desktop OS -- Mac OS X,
> Windows, and Linux all include such a utility
> 2. Certificate generators from WebID IdPs -- I have a list here:
> http://delicious.com/kidehen/webid+webid_idp(ping me if you have a
> generator that's unlisted) .
>
> Over the last year or so, I've written a number of how-to guides [1]
> covering how to sign emails across all the major native email clients.
>
> Once again, if we don't sign our emails we loose a simple opportunity to
> showcase the utility of WebIDs and the WebID authentication protocol.
> Being able to follow-your-nose from a WebID that watermarks an email
> senders certificate is a very simple utility showcase for both WebID and
> Linked Data.
>
> We can do this!
>
> Links:
>
> 1. http://bit.ly/VTnxzz-- collection of G+ hosted howtos (for all the
> major native email clients) covering how to digitally sign emails .
>
> --
>
> Regards,
>
> Kingsley Idehen
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com <http://www.openlinksw.com/>
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>
>
>
>
>
>

Received on Sunday, 30 September 2012 06:54:36 UTC