Re: Getting Serious about WebID Bootstrap from Melvin Carvalho on 2012-09-30 (public-rww@w3.org from September 2012)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sun, 30 Sep 2012 13:05:07 +0200
To: nathan@webr3.org
Cc: Kingsley Idehen <kidehen@openlinksw.com>, "public-rww@w3.org" <public-rww@w3.org>, WebID XG <public-xg-webid@w3.org>
Message-ID: <CAKaEYhLXeL_FFGNGPK1mOSgtbLxjUbfMu10t_1qkin2pY1Sc4g@mail.gmail.com>

On 28 September 2012 14:19, Nathan <nathan@webr3.org> wrote:

> Kingsley Idehen wrote:
>
>> All,
>>
>> Bootstrapping anything on the Web requires technology implementer to use
>> (dog-food) whatever technology they seek to promote to others. Thus, I
>> would like to encourage every participant in the RWW and WebID community
>> groups to make a best-effort to start signing emails, moving forward.
>>
>> Naturally, these emails should be signed using an WebID watermarked X.509
>> certificate. Certificate generation choices include:
>>
>> 1. Native generators that come with your desktop OS -- Mac OS X, Windows,
>> and Linux all include such a utility
>> 2. Certificate generators from WebID IdPs -- I have a list here:
>> http://delicious.com/kidehen/**webid+webid_idp<http://delicious.com/kidehen/webid+webid_idp>(ping me if you have a generator that's unlisted) .
>>
>> Over the last year or so, I've written a number of how-to guides [1]
>> covering how to sign emails across all the major native email clients.
>>
>> Once again, if we don't sign our emails we loose a simple opportunity to
>> showcase the utility of WebIDs and the WebID authentication protocol. Being
>> able to follow-your-nose from a WebID that watermarks an email senders
>> certificate is a very simple utility showcase for both WebID and Linked
>> Data.
>>
>> We can do this!
>>
>> Links:
>>
>> 1. http://bit.ly/VTnxzz -- collection of G+ hosted howtos (for all the
>> major native email clients) covering how to digitally sign emails .
>>
>>
> Why? what do I gain from doing this - consider me a naive outsider
>
>
Essentially this links your email to your WebID / Social Graph in a,
standards compliant, machine readable way.

I've imported my cert into thunderbird and imported the root node as a CA
but I get

"Sending of message failed.
Unable to sign message. Please check that the certificates specified in
Mail & Newsgroups Account Settings for this mail account are valid and
trusted"

http://kb.mozillazine.org/Message_security

Verify whether all parent nodes of the certificate are in your list of
trusted CAs, and whether they can be used to identify mail users

Looks I've done this but it still throws an error.  I've had bugs in
thunderbird before wrt security.  Not sure on this one ...

Received on Sunday, 30 September 2012 11:05:37 UTC