- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Tue, 06 Aug 2013 09:27:52 -0400
- To: public-lod@w3.org
- Message-ID: <5200F9D8.9000504@openlinksw.com>
On 8/6/13 7:55 AM, Joe wrote: > Hugh, try the MIT WebID provider... https://webid.mit.edu/ > > You can bootstrap from MIT Certificate or your Google Account and link > your existing foaf > > It works with all the services, rww.io <http://rww.io>, data.fm > <http://data.fm>, my-profile, etc. in Chrome, Safari, and Firefox. > You can also try: 1. http://youid.openlinksw.com -- for iOS devices (support the option to work with an existing FOAF file, but you need to enable that via control panel) 2. http://id.myopenlink.net/certgen -- generation via Web browser (it does support the option to work with an existing FOAF file). In reality though, for your particular user profile I would encourage you to simply manually add insert the relations required by the WebID+TLS protocol into your existing profile, after you've generated an X.509 certificate using in-built OS utilities [1]. If you don't want to use the OS utils then either option above will enable you present a WebID (HTTP URI that denotes an Agent) as part of the X.509 cert. generation pipeline. The basic steps re. WebID and TLS based authentication: 1. Create a Profile Document -- this gets you a Personal HTTP URI (or WebID) that denotes entity "You" 2. Generate an X.509 Certificate -- as part of the process, place your WebID in the SAN (Subject Alternative Name) slot 3. Add a relation to your Profile Document that associates your WebID with the Public Key (exponent and modulus) from the Cert. generated in step #3. 4. Verify your WebID 5. Start authenticating against apps and services that support WebID+TLS based authentication. The main benefits of WebID include: 1. elimination of passwords during the authentication process 2. incorporation of Linked Data into areas such as verifiable identity and authenticated login that leverages existing TLS infrastructure baked into Web user agents 3. signing emails (as you can see here, everything I state in an email that ends up wherever is signed by me, you can even follow-your-nose from this email to my profile) 4. totally platform agnostic. Links: [1] http://bit.ly/SuMWP4 -- creating an X.509 certificate for use with WebID via Mac OS X Keychain's Generator [2] http://id.myopenlink.net/ods/webid_demo.html -- simple WebID verifier [3] https://delicious.com/kidehen/webid -- some of my WebID related bookmarks assembled over the years. -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Tuesday, 6 August 2013 13:28:16 UTC