- From: Henry Story <henry.story@bblfish.net>
- Date: Sat, 26 Feb 2011 12:26:22 +0100
- To: Cosimo Streppone <cosimo@opera.com>
- Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
On 24 Feb 2011, at 01:45, Cosimo Streppone wrote: > I'm trying to get a hold of WebID, and I'm still stuck at > the basic concept of it unfortunately. > Following the various threads I often encounter new (for me) > technologies and concepts that make it difficult for me > to focus and get "the picture". Everyone fully understands X.509? Cosimo, did any of those answers help? X509 is very simple: it's just a document a bit like XML but in a binary format, that contains a number of fields of which a user name (DN) in an old ldap format, a Subject Alternative Name (optional) we abreviate SAN, a public key, and it is signed by some other entity. If you want to make it simplest the protocol could be the following: 1. create a self signed X509 cert with a webid that is a URL on your server plus #me 2. place that certificate at that location 3. put the certificate with private key in your browser Next when you connect to a web server and it asks you for a client certificate it will send your certificate. If the certs match the one at the WebID, you are identified by that URI. done. That is what the following proposes. http://www.w3.org/2005/Incubator/webid/track/issues/6 Does that make more sense when put like that? Henry Social Web Architect http://bblfish.net/
Received on Saturday, 26 February 2011 11:26:59 UTC