Re: WebIDauth - authentication service written in PHP.

On Sat, 2011-04-09 at 13:09 +0200, Henry Story wrote:
> On 9 Apr 2011, at 12:58, Andrei Sambra wrote:
> 
> > I forgot to mention that I set up a testing suite (more or less), which
> > can be used to test authentication (either auth.fcns.eu or foafssl.org),
> > to create foaf profiles in several formats (json/turtle/rdfxml/n3),
> > lookup webid's and display them in a nice format / debug format, convert
> > a webid from a format to another (see above).
> > 
> > It's a work in progress so expect lots of things to be bugged.
> > 
> > Here is the link: http://webid.fcns.eu
> 
> yes, that produces very beautiful output.
> 
> But you need a more technical WebID test suite, that will return rdfa describing exactly
> how the authentication was determined, and showing the user his public key.
> 
> (we have not settled on the rdfa, so for the moment pure human readable html is ok :-)
> 
I see one issue with your suggestion; if a webserver is not configured
to request a certificate, it cannot read the public key of the client.
So, we either pass it in the URL from the IdP, or the admin configures
SSL on the SP to demand a certificate when connecting to a particular
part of the website.

We should also keep in mind that some service providers might not use
SSL, but they could verify the validity of the authentication process by
checking the signature of the returned URL (webid+ts) and thus allow
users to log in with their webids.

> >> 
> > 
> > 
> > 
> 
> Social Web Architect
> http://bblfish.net/
> 

Received on Sunday, 10 April 2011 11:33:40 UTC