W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

Re: slow down and organize

From: Henry Story <henry.story@bblfish.net>
Date: Sat, 26 Feb 2011 12:26:22 +0100
Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-Id: <DD3AE2D1-A6B7-4A94-825F-AB44F1015699@bblfish.net>
To: Cosimo Streppone <cosimo@opera.com>

On 24 Feb 2011, at 01:45, Cosimo Streppone wrote:

> I'm trying to get a hold of WebID, and I'm still stuck at
> the basic concept of it unfortunately.
> Following the various threads I often encounter new (for me)
> technologies and concepts that make it difficult for me
> to focus and get "the picture". Everyone fully understands X.509?

Cosimo, did any of those answers help?

X509 is very simple: it's just a document a bit like XML but in a binary format, that contains a number of fields of which a user name (DN) in an old ldap format, a Subject Alternative Name (optional) we abreviate SAN, a public key, and it is signed by some other entity.

If you want to make it simplest the protocol could be the following:

1. create a self signed X509 cert with a webid that is a URL on your server plus #me
2. place that certificate at that location
3. put the certificate with private key in your browser

Next when you connect to a web server and it asks you for a client certificate it will send your certificate. If the certs match the one at the WebID, you are identified by that URI. 

done.

That is what the following proposes.

 http://www.w3.org/2005/Incubator/webid/track/issues/6

Does that make more sense when put like that?

	Henry

Social Web Architect
http://bblfish.net/
Received on Saturday, 26 February 2011 11:26:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC