W3C home > Mailing lists > Public > public-xg-webid@w3.org > August 2011

RE: [foaf-protocols] WebID Tool

From: Peter Williams <home_pw@msn.com>
Date: Tue, 9 Aug 2011 10:50:14 -0700
Message-ID: <SNT143-W52F8C8865C24094A6B07CA92200@phx.gbl>
To: <bergi@axolotlfarm.org>, <foaf-protocols@lists.foaf-project.org>, "public-xg-webid@w3.org" <public-xg-webid@w3.org>

are you assuming that the browser imports the keying material from the PKCS#12 output, rather than use keygen? if so I like the design. Its waht I advocated - use offline key management, divorced from the web. Its the original CA model (in fact), which assumed NO online presence for a CA, given the disaster that follows given its nature, if its signing key are compromised (by leakage through the online protocol). PKCS#12 is quite general. There is really no reason why one of its tagged streams could be be including the RDF within the stream. Thus the rdf stream is indirectly signed, etc. one could imagine a mozilla plugin being able to read the objects within the PKCS#12 stream, and use the profile information, while the browser engine itself uses the evil (asn.1 encoded) cert and private key streams. This would require Mozilla to open up access to the stream objects in its crypto store to plugins. Im not sure DOD will allow them to do this, though. DoD have the browser vendors lock up the API, so it reduces the crypto capabilities to what these agencies things consumers OUGHT to have.
 > Date: Mon, 8 Aug 2011 22:26:35 +0200
> From: bergi@axolotlfarm.org
> To: foaf-protocols@lists.foaf-project.org; public-xg-webid@w3.org
> Subject: [foaf-protocols] WebID Tool
> 
> As side-product of the WebID test suite I've created a little command
> line tool to generate WebID certificates and FOAF files. Last weekend I
> added a simple GUI.
> 
> Screenshot:
> https://resourceme.bergnet.org/files/WebIDTool.png
> 
> Download:
> https://resourceme.bergnet.org/downloads/WebIDTool-20110808.zip
> 
> 
> the bergi
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols@lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
 		 	   		  
Received on Tuesday, 9 August 2011 17:50:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 9 August 2011 17:50:42 GMT