- From: Henry Story <henry.story@bblfish.net>
- Date: Wed, 14 Nov 2012 19:13:55 +0100
- To: Peter Williams <pwilliams@rapattoni.com>
- Cc: foaf-dev@lists.foaf-project.org, public-webid <public-webid@w3.org>
- Message-Id: <C69FBD9E-EDFE-4754-9A19-2B977260539E@bblfish.net>
Thanks Peter. Someone on our mailing list had indeed posted a ticket with MS, so the bug report you mention may be the consequence of that going through "How to use a custom X509CertificateValidator with an IIS hosted WCF service and self-signed client certificate" http://support.microsoft.com/kb/2480671 This may be useful for others working in that space. Henry On 14 Nov 2012, at 19:02, Peter Williams <pwilliams@rapattoni.com> wrote: > I updated the http://wp.me/p1fcz8-39F post, for more on webid. > > Three new topics: > > My original post was fault in that I was yet again deceived that some server-side code that appeared to process an SSL handshake client cert... was in reality processing a layer 7 cert/signature/handshake message sequence (of rather similar purpose to an SSL handshake's client authn protocol element). > > I then ask: so why IS webid restricted to layer 4 handshakes. Why not expand it to layer 7 certs/signatures, too? > > Then, I find some really good material that shows why windows struggles/struggled with webid tied to SSL handshakes. It explains theoretically what I found out experimentally last year (and driveled on about in the knowledge darkness, remarkably accurately in retrospect). The referenced article also suggest fixes - whose style reinforces the conclusion I drew in that darkness:- that overriding kernel behaviours for SSL cert handling required/requires rather special coding. What MSFT seem to have done ... however... is at least say HOW to do it. Its not easy, but its gone from impossible (and no, never) to ... well here is how. > > Would be interesting to know if webid public discussion prompted someone to find out what is some esoteric systems stuff. > ________________________________________ > From: Peter Williams > Sent: Monday, November 12, 2012 11:46 AM > To: foaf-dev@lists.foaf-project.org > Subject: Webid on windows? > > webid working on windows? with client cert ;and NO prior registration? http://wp.me/p1fcz8-39F via @wordpressdotcom > > Last year, I could not properly implement webid, since I could access the client cert without first having in done way registered it on windows. Today I think I did that, making webid interesting again. > > Could some windows programmer type confirm the result? All one has to do is run a std sample (just the right one). > _______________________________________________ > foaf-dev mailing list > foaf-dev@lists.foaf-project.org > http://lists.foaf-project.org/mailman/listinfo/foaf-dev Social Web Architect http://bblfish.net/
Attachments
- application/pkcs7-signature attachment: smime.p7s
Received on Wednesday, 14 November 2012 18:14:34 UTC