- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Thu, 15 Sep 2016 12:14:53 -0400
- To: public-webid@w3.org
- Message-ID: <1530627a-7412-f73e-57c5-0f8925a58ea2@openlinksw.com>
On 9/15/16 11:32 AM, Melvin Carvalho wrote: > > > On 15 September 2016 at 17:22, Kingsley Idehen <kidehen@openlinksw.com > <mailto:kidehen@openlinksw.com>> wrote: > > On 9/13/16 7:58 AM, Jacopo Scazzosi wrote: > > Hello. > > > > First mail to this list. My name's Jacopo Scazzosi, nice to meet > you all. > > > > I've been recently researching the world of WebID-TLS. The current > > specs seem to dictate the use of RSA. As one of my requirements > is the > > support of different types of keys, I've written a proof-of-concept > > authentication module for nodejs using X509 fingerprint comparison > > instead exponent+modulus comparison. I'm currently using SHA-256 > > fingerprints but I plan on leaving the choice of the hash > function up > > to our subjects. Module is here: > > https://github.com/jacoscaz/node-webidentity > <https://github.com/jacoscaz/node-webidentity> > > > > Has support for non-RSA keys been already considered in the past? > > > > Cheers. > > Hi Jacopo, > > We have included fingerprint lookup in our authentication module which > supports WebID+TLS. > > The only issue here is that we are now talking about different > protocol > i.e., not part of the WebID+TLS spec, as it currently stands. Thus, we > currently use the moniker NetID for this particular option. > > Fingerprints are much easier with regards to manual setup of > WebID-Profile documents associated with WebIDs en route to PKI > exploitation in any authentication protocol. > > Anyway, we take the same position as you i.e., its there as an > option :) > > > I wonder if this is worth standardizing? > Realistically, its best done as a "best practice" effort first. Then following lots of interop etc., a case can be made for standardization (which is a protracted process). -- Regards, Kingsley Idehen Founder & CEO OpenLink Software (Home Page: http://www.openlinksw.com) Medium Blog: https://medium.com/@kidehen Blogspot Blog: http://kidehen.blogspot.com Twitter Profile: https://twitter.com/kidehen Google+ Profile: https://plus.google.com/+KingsleyIdehen/about LinkedIn Profile: http://www.linkedin.com/in/kidehen Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Thursday, 15 September 2016 16:15:17 UTC