Re: slow down and organize

On 24 Feb 2011, at 01:45, Cosimo Streppone wrote:

> I'm trying to get a hold of WebID, and I'm still stuck at
> the basic concept of it unfortunately.
> Following the various threads I often encounter new (for me)
> technologies and concepts that make it difficult for me
> to focus and get "the picture". Everyone fully understands X.509?

Cosimo, did any of those answers help?

X509 is very simple: it's just a document a bit like XML but in a binary format, that contains a number of fields of which a user name (DN) in an old ldap format, a Subject Alternative Name (optional) we abreviate SAN, a public key, and it is signed by some other entity.

If you want to make it simplest the protocol could be the following:

1. create a self signed X509 cert with a webid that is a URL on your server plus #me
2. place that certificate at that location
3. put the certificate with private key in your browser

Next when you connect to a web server and it asks you for a client certificate it will send your certificate. If the certs match the one at the WebID, you are identified by that URI. 


That is what the following proposes.

Does that make more sense when put like that?


Social Web Architect

Received on Saturday, 26 February 2011 11:26:59 UTC