Re: WebID+OpenID Proxy Service from Kingsley Idehen on 2011-12-22 (public-xg-webid@w3.org from December 2011)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 22 Dec 2011 09:29:55 -0500
To: public-xg-webid@w3.org
Message-ID: <4EF33EE3.9000103@openlinksw.com>

On 12/22/11 9:22 AM, Peter Williams wrote:
> I went through another enrollment at the cert genrator, this time 
> using twitter. I cannot use the resulting .p12 file to logon to FCNS. 
> There doesnt seem to be anying for FCNS validation ping to consult, at 
> the twitter page (data store).

It has the issue raised yesterday re. URIs and redirection. Our proxy 
URIs are slash based, so we do a 303 re. Name / Address disambiguation.

You can try Henry's verifier as he has now fixed the bug. I haven't had 
time to revisit his verification service yet.

>
> Essentially, there is JUST TOO MUCH being used; too many potential 
> failures of multiple interworking points. The OAUTH eventually worked 
> (with Twitter). The facebook data space mostly worked. The IE .p12 
> stuff seems to work very nicely. The email ping back worked, but could 
> not repeat the trial (need to learn to use IE javascript to do logout, 
> so you can rechallenge the cert picker).
>
> Need to start smaller, when doing multi-vendor interworking. First, 
> the generated .p12 given a NO login (to the cert picker app) needs to 
> talk to FCNS, where the webid in the cert SAN JUST shows a foaf card 
> when used in a browser. No twitter, no facebook, not nothing. Just 
> simple files, and logon, and no third party vendor interaction.
>

Yes, this is a first pass with HTML pages in front of a sophisticated 
authentication engine. The hard part is making the engine. Next stop is 
the UI/UX. As you can imagine, we have to compartmentalize our work . As 
I write, the engine is being passed on to a team that focuses solely on 
UI/UX.

> Having played with blogging platforms (and RDFa), Im going to go back 
> to hosting a foaf profile in azure blob storage. lets see how well  
> folks do with a journaled cloud data service, if FCNS can ping it now, 
> etc.
At this juncture there are two issues:

1. multiple URIs in SAN -- fixed
2. niggling openid v 2.0 issues -- still WIP.

-- 

Regards,

Kingsley Idehen	
Founder&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thursday, 22 December 2011 14:30:22 UTC