Re: WebID proxy? from elf Pavlik on 2012-07-20 (public-webid@w3.org from July 2012)

From: elf Pavlik <perpetual-tripper@wwelves.org>
Date: Fri, 20 Jul 2012 16:06:34 +0000
To: Melvin Carvalho <melvincarvalho@gmail.com>, Henry Story <henry.story@bblfish.net>, public-webid <public-webid@w3.org>
Message-Id: <1342799941-sup-4144@heahdk.net>

Excerpts from elf Pavlik's message of 2012-07-20 15:39:35 +0000:
> Excerpts from Melvin Carvalho's message of 2012-07-20 15:13:38 +0000:
> > On 20 July 2012 16:59, Henry Story <henry.story@bblfish.net> wrote:
> > 
> > >
> > > On 20 Jul 2012, at 15:26, elf Pavlik wrote:
> > >
> > > > Hello,
> > > >
> > > > Hearing lately some discussions on delegation and proxies, I started
> > > thinking about proxy which would enable me to use WebID without need to
> > > have any private keys on client machine I may happen to use. One could use
> > > some other system - possibly pass phrase based - for authentication and
> > > than proxy would hold some secondary private key, which could also have
> > > more restricted permissions on chosen services.
> > > >
> > > > I look here for more flexibility in case someone wants to use friends
> > > computer just to RSVP to an event or similar cases with rather low security
> > > requirements...
> > >
> > > Use OpenId with one time passwords perhaps?
> > >
> > 
> > Sure WebID can fall back to OpenID, BrowserID, SAML, username/password etc.
> I didn't mean 'fall back' to something other then WebID on a service provider side. Service could offer WebID only authentication and access control, while I would connect from a client machine without any client certificates through this 'WebID proxy' which could hold my 'client certs' and do WebID dances with service providers. I hope I express myself little more clearly this time :)

reading following replies i still don't feel certain that others have understand me:
1. I want to access online service which ONLY accepts authenticating with WebID
2. I want to use 'random' computer which DOESN'T HAVE any client certificates and I don't want to install any client certificates on it at any point

i think of accomplishing it by connecting over a 'proxy' which holds client certificates with private key matching public key published in my WebID profile and accepts for authentication some other password based method, lets say basic login/pass pair just for simplicity.

Received on Friday, 20 July 2012 16:07:05 UTC