W3C home > Mailing lists > Public > public-xg-webid@w3.org > August 2011

foaf=workshop was: WebID Tool

From: Henry Story <henry.story@bblfish.net>
Date: Sat, 13 Aug 2011 22:37:37 +0200
Cc: Peter Williams <home_pw@msn.com>, "public-xg-webid@w3.org XG" <public-xg-webid@w3.org>, foaf-protocols@lists.foaf-project.org, foaf-dev@lists.foaf-project.org
Message-Id: <AFDA1CD1-4456-472E-88F1-4A4A55EBE28A@bblfish.net>
To: bergi <bergi@axolotlfarm.org>
Hi Bergi,

   this looks very useful for a foaf workshop such as the one I put on today at
Chaos Communications Camp in Berlin. 

  http://events.ccc.de/camp/2011/wiki/FOAF

I was planning to use your WebID Tool to help in the creation of the public key after everyone had written out their public key. But things were a bit slower than I had thought, partly as this is my first workshop, partly because I was quite tired from being up too late, so I did not get round to this. 

The agenda for the talk was here:

   http://events.ccc.de/camp/2011/wiki/FOAF

We succeeded in  creating a foaf group for the event, but were only able to add a couple of people out of a dozen in the foaf group, as we were interrupted just at the point where they were publishing their foaf files to get a WebID

    http://bblfish.net/tmp/2011/08/13/

Initially I had thought of everybody exchanging their WebIDs, but the correct solution would have been for me to create a foaf group, and add each person as they finished their profile. Then people could have downloaded that profile and added people to their foaf if they so wished. 

The idea is to get people comfortable to write linked data by building a little social network. Adding access control to a wiki due to this would be very nice.

	Henry

On 10 Aug 2011, at 00:08, bergi wrote:

> Mainly I created this tool to help developers/testers who have deal with
> more than one browser. Currently many people maintain their FOAF file
> manually. So there are two options if you generate your WebID with HTML
> <keygen>: Add a public key for every browser to your FOAF file or
> export/import your certificate. With the tool you only have to import
> the PKCS12, which is usually easier. Also you get a minimal FOAF for
> your WebID. If you have already some PKCS12 on your disk and you want to
> know which one contains which URI, the tool can also open existing files.
> 
> For a broader acceptance I think there is now way besides HTML <keygen>.
> Everything else we have now is to complicated for most people.
> 
> Nowadays more and more JavaScript programs use cryptographic functions.
> I expect browser vendors will provide an API for their crypto stores
> soon or later. Let's the how this API will look like.
> 
> Am 09.08.2011 19:50, schrieb Peter Williams:
>> 
>> are you assuming that the browser imports the keying material from
>> the PKCS#12 output, rather than use keygen? if so I like the design.
>> Its waht I advocated - use offline key management, divorced from the
>> web. Its the original CA model (in fact), which assumed NO online
>> presence for a CA, given the disaster that follows given its nature,
>> if its signing key are compromised (by leakage through the online
>> protocol). PKCS#12 is quite general. There is really no reason why
>> one of its tagged streams could be be including the RDF within the
>> stream. Thus the rdf stream is indirectly signed, etc. one could
>> imagine a mozilla plugin being able to read the objects within the
>> PKCS#12 stream, and use the profile information, while the browser
>> engine itself uses the evil (asn.1 encoded) cert and private key
>> streams. This would require Mozilla to open up access to the stream
>> objects in its crypto store to plugins. Im not sure DOD will allow
>> them to do this, though. DoD have the browser vendors lock up the
>> API, so it reduces the crypto capabilities to what these agencies
>> things consumers OUGHT to have.
>>> Date: Mon, 8 Aug 2011 22:26:35 +0200 From: bergi@axolotlfarm.org 
>>> To: foaf-protocols@lists.foaf-project.org; public-xg-webid@w3.org 
>>> Subject: [foaf-protocols] WebID Tool
>>> 
>>> As side-product of the WebID test suite I've created a little
>>> command line tool to generate WebID certificates and FOAF files.
>>> Last weekend I added a simple GUI.
>>> 
>>> Screenshot: https://resourceme.bergnet.org/files/WebIDTool.png
>>> 
>>> Download: 
>>> https://resourceme.bergnet.org/downloads/WebIDTool-20110808.zip
>>> 
>>> 
>>> the bergi _______________________________________________ 
>>> foaf-protocols mailing list foaf-protocols@lists.foaf-project.org 
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>> 
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols@lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols

Social Web Architect
http://bblfish.net/
Received on Saturday, 13 August 2011 20:38:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 13 August 2011 20:38:10 GMT