test and comment on FOAF+SSL material

After a miserable experience getting here, I looked around the web at the FOAF+SSL material.

Don't be upset, but its incredibly convoluted, inter-linked and a put off. It goes around in circles, and I don't know who its speaking to. The first impression is that something terribly complicated is going on.

What I think we need is


-          Some .pfx files that anyone can download, and which arm the browser for SSL client auth. That the pfx files provide the same key and cert (and foaf file reference) to all users is irrelevant;  it simply eliminates all cert enrollment and profile generation hassles. Its a demo focusing on the "end result" of the concept, not the steps to get there. It shows that a self-asserted reference to a foaf card is useful.


Back last year, I said for pfx files  guarded with "password":

The first keying file here<http://cid-05061d4609325b60.skydrive.live.com/self.aspx/Public/wiki-PeterWilliams.pfx> allows you to logon to foaf+ssl resources as me, using the procedures of FOAF+SSL. Download it to your c:\ directory (as a file called "wiki.pfx", say). Then, in the IE address bar type c:\wiki.pfx (if that the file name under which you stored the file). The keying material in the file will be loaded into your machine's key stores, after asking you to select various key loading options. (Just use the defaults.) Once done correctly, your browser can now use this digital id at FOAF+SSL websites .
Now do the same for a second file<http://cid-05061d4609325b60.skydrive.live..com/self.aspx/Public/foafdotme-peter60.pfx> - which provisions a second identity. The file loads another digital id into your browser key store .
You now have 2 identities; and their webid fields are synonyms. You can use either webid to logon to FOAF-SSL protected resources such as the naming authority "https://foaf.me<https://foaf.me/>"!

Received on Wednesday, 26 January 2011 12:37:35 UTC