- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Thu, 08 May 2014 18:47:59 -0400
- To: "public-rww@w3.org" <public-rww@w3.org>
- Message-ID: <536C099F.7030501@openlinksw.com>
Andrei,
Here is a dump from the verifier (Henry's I believe) that's integrated
into cimb.co. Basically, my WebID authenticates successfully, but I
can't login to cimba.
In addition, you can de-reference the WebID I am using to see that the
storage relations are in place [1].
* Checking client TLS handshake (public key matches private key)...
PASSED (Reason: GENEROUS)
* Checking if certificate contains HTTP URIs in the subjectAltName
field... PASSED
* Found 1 URIs in the certificate.
* Checking URI 1
(http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_profile.ttl#identity)...
- Trying to fetch and process certificate(s) from webid profile...
Testing if the modulus representation matches the one in the
webid (found a modulus value)...
Testing modulus... PASSED
WebID=cc7b8af5412abdb.......2658e4ebc0c2a6f
Cert =cc7b8af5412abdb.......2658e4ebc0c2a6f
Match found in claim 1, ignoring futher tests!
* Authentication successful!
Your certificate contains the following WebIDs:
http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_profile.ttl#identity
The WebID URI used to claim your identity is:
http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_profile.ttl#identity
(your claim was SUCCESSFUL!)
The WebID URL suffix (to be signed) for your service provider is:
?webid=http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_profile.ttl#identity&ts=2014-05-09CEST00:41:16+02:00
Unless both of those strings map to the same number, your identification
experience will vary across clients.
Your certificate in PEM format:
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICBzUwDQYJKoZIhvcNAQENBQAwQTEjMCEGA1UEAwwaT3Bl
bkxpbmsgU29mdHdhcmUgTG9jYWwgQ0ExGjAYBgNVBAoMEU9wZW5MaW5rIFNvZnR3
YXJlMB4XDTE0MDUwNjAxMTY1NFoXDTE0MDYwNTAxMTY1NFowgYwxCzAJBgNVBAYT
AlVTMQswCQYDVQQIDAJNQTEnMCUGA1UEAwweS2luZ3NsZXkgVXlpIElkZWhlbiAo
RmFjZWJvb2spMSAwHgYDVQQKDBdGYWNlYm9vayBTb2NpYWwgTmV0d29yazElMCMG
CSqGSIb3DQEJARYWa2lkZWhlbkBvcGVubGlua3N3LmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMx7ivVBKr2+9kdoxE3wDytMFs/jF2tzMkLpW2JF
mhPd2PESdSitrMYflqIcAGiYBNa4jh0kY5ulLYQT33lTbd/ytt8FXXSINKVVUvLv
cNAMi+IxRsZ3j0gVDhP/6v1RuIKvwqvmga/ZK7C1y3DIUne/FNOmBjvsYcfz31lf
isso8lh9ql5N81ooDhgs1ivXI6DXY7EAtijWnlpA/WWMRhBBg0MG0/unPm4QOmbU
iknf5KjuX8NpAO3pWbe0Mq5hvqv5/iDbMqyCxTTFUUMinQU52XdLmEBAIoaqb4Si
zNPaWsDudEoEi5KzAvXLCwyrZzPqOfZyXZDCAmWOTrwMKm8CAwEAAaOCAmswggJn
MB0GA1UdDgQWBBQ+6lDDk2KgxB/Y5Eh3IpbvNYmw3jAdBgNVHQ4EFgQUPupQw5Ni
oMQf2ORIdyKW7zWJsN4wgZIGA1UdEQSBijCBh4aBhGh0dHA6Ly9pZC5teW9wZW5s
aW5rLm5ldC9wdWJsaWNfaG9tZS9LaW5nc2xleVV5aUlkZWhlbi9QdWJsaWMvWW91
SUQvSURjYXJkX0ZhY2Vib29rXzE0MDUwNV8yMTE1MjQvMTQwNTA1XzIxMTUyNF9w
cm9maWxlLnR0bCNpZGVudGl0eTA3BglghkgBhvhCAQ0EKhYoQ2VydGlmaWNhdGUg
R2VuZXJhdGVkIGJ5IE9wZW5MaW5rIFlvdUlELjA8BgNVHRIENYYzaHR0cDovL2lk
Lm15b3BlbmxpbmsubmV0L2lzc3Vlci9rZXkvZGJhL2lkX3JzYSN0aGlzMA4GA1Ud
DwEB/wQEAwIDuDAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwFAYJ
YIZIAYb4QgEBAQH/BAQDAgWgMIGYBghghkgBtp9JAQSBixaBiGh0dHA6Ly9pZC5t
eW9wZW5saW5rLm5ldC9wdWJsaWNfaG9tZS9LaW5nc2xleVV5aUlkZWhlbi9QdWJs
aWMvWW91SUQvSURjYXJkX0ZhY2Vib29rXzE0MDUwNV8yMTE1MjQvMTQwNTA1XzIx
MTUyNF9wdWJsaWNfa2V5LnR0bCNQdWJsaWNLZXkwOAYIYIZIAbafSQIELBYqbXlv
cGVubGlua19iL0lEY2FyZF9GYWNlYm9va18xNDA1MDVfMjExNTI0MA0GCSqGSIb3
DQEBDQUAA4IBAQAFnD3AdYNN9tsK8hjutNXE94d5n03j9UgyaP0rfZoYmVAiLsBH
/Z+6V0QIbMLUNv743vIFcRGfYDO4oS+kUHsw7ESk/ap76npRjNdzUZaWYMowVg2f
jx9j0Zd4M8Oe6PToqLi+lFTjUiGzi/ja/ngDuaa4NXuIkSZC7bDzzfBy0eBRAPBL
6lvXEmiWKoxJSMpd7PTOhzN/Rfvh4Jbc4XlRE8rvzTFqLelntT2PT0Ick7k0H9z1
5Rmt0jjDnWXEWtQNSHyk2W0UjioIYZlEi8jISBMrpLatPyupYhmjutyYwrL3zItN
r0JcJbfaHSmOGQ/Hh1Ll1bNaeJ63T4nN+tmp
-----END CERTIFICATE-----
Your certificate in text format:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1845 (0x735)
Signature Algorithm: sha512WithRSAEncryption
Issuer: CN=OpenLink Software Local CA, O=OpenLink Software
Validity
Not Before: May 6 01:16:54 2014 GMT
Not After : Jun 5 01:16:54 2014 GMT
Subject: C=US, ST=MA, CN=Kingsley Uyi Idehen (Facebook),
O=Facebook Social Network/emailAddress=kidehen@openlinksw.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cc:7b:8a:f5:41:2a:bd:be:f6:47:68:c4:4d:f0:
0f:2b:4c:16:cf:e3:17:6b:73:32:42:e9:5b:62:45:
9a:13:dd:d8:f1:12:75:28:ad:ac:c6:1f:96:a2:1c:
00:68:98:04:d6:b8:8e:1d:24:63:9b:a5:2d:84:13:
df:79:53:6d:df:f2:b6:df:05:5d:74:88:34:a5:55:
52:f2:ef:70:d0:0c:8b:e2:31:46:c6:77:8f:48:15:
0e:13:ff:ea:fd:51:b8:82:af:c2:ab:e6:81:af:d9:
2b:b0:b5:cb:70:c8:52:77:bf:14:d3:a6:06:3b:ec:
61:c7:f3:df:59:5f:8a:cb:28:f2:58:7d:aa:5e:4d:
f3:5a:28:0e:18:2c:d6:2b:d7:23:a0:d7:63:b1:00:
b6:28:d6:9e:5a:40:fd:65:8c:46:10:41:83:43:06:
d3:fb:a7:3e:6e:10:3a:66:d4:8a:49:df:e4:a8:ee:
5f:c3:69:00:ed:e9:59:b7:b4:32:ae:61:be:ab:f9:
fe:20:db:32:ac:82:c5:34:c5:51:43:22:9d:05:39:
d9:77:4b:98:40:40:22:86:aa:6f:84:a2:cc:d3:da:
5a:c0:ee:74:4a:04:8b:92:b3:02:f5:cb:0b:0c:ab:
67:33:ea:39:f6:72:5d:90:c2:02:65:8e:4e:bc:0c:
2a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EA:50:C3:93:62:A0:C4:1F:D8:E4:48:77:22:96:EF:35:89:B0:DE
X509v3 Subject Key Identifier:
3E:EA:50:C3:93:62:A0:C4:1F:D8:E4:48:77:22:96:EF:35:89:B0:DE
X509v3 Subject Alternative Name:
URI:http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_profile.ttl#identity
Netscape Comment:
Certificate Generated by OpenLink YouID.
X509v3 Issuer Alternative Name:
.3http://id.myopenlink.net/issuer/key/dba/id_rsa#this
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Data Encipherment,
Key Agreement
X509v3 Extended Key Usage: critical
TLS Web Client Authentication, E-mail Protection
Netscape Cert Type: critical
SSL Client, S/MIME
2.16.840.1.888777.1:
...http://id.myopenlink.net/public_home/KingsleyUyiIdehen/Public/YouID/IDcard_Facebook_140505_211524/140505_211524_public_key.ttl#PublicKey
2.16.840.1.888777.2:
.*myopenlink_b/IDcard_Facebook_140505_211524
Signature Algorithm: sha512WithRSAEncryption
05:9c:3d:c0:75:83:4d:f6:db:0a:f2:18:ee:b4:d5:c4:f7:87:
79:9f:4d:e3:f5:48:32:68:fd:2b:7d:9a:18:99:50:22:2e:c0:
47:fd:9f:ba:57:44:08:6c:c2:d4:36:fe:f8:de:f2:05:71:11:
9f:60:33:b8:a1:2f:a4:50:7b:30:ec:44:a4:fd:aa:7b:ea:7a:
51:8c:d7:73:51:96:96:60:ca:30:56:0d:9f:8f:1f:63:d1:97:
78:33:c3:9e:e8:f4:e8:a8:b8:be:94:54:e3:52:21:b3:8b:f8:
da:fe:78:03:b9:a6:b8:35:7b:88:91:26:42:ed:b0:f3:cd:f0:
72:d1:e0:51:00:f0:4b:ea:5b:d7:12:68:96:2a:8c:49:48:ca:
5d:ec:f4:ce:87:33:7f:45:fb:e1:e0:96:dc:e1:79:51:13:ca:
ef:cd:31:6a:2d:e9:67:b5:3d:8f:4f:42:1c:93:b9:34:1f:dc:
f5:e5:19:ad:d2:38:c3:9d:65:c4:5a:d4:0d:48:7c:a4:d9:6d:
14:8e:2a:08:61:99:44:8b:c8:c8:48:13:2b:a4:b6:ad:3f:2b:
a9:62:19:a3:ba:dc:98:c2:b2:f7:cc:8b:4d:af:42:5c:25:b7:
da:1d:29:8e:19:0f:c7:87:52:e5:d5:b3:5a:78:9e:b7:4f:89:
cd:fa:d9:a9
Links:
[1] http://bit.ly/1mGTXOX -- profile document that shows existence of
storage relation
--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Thursday, 8 May 2014 22:48:21 UTC