Re: Source releases from Mo McRoberts on 2012-01-05 (public-xg-webid@w3.org from January 2012)

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Thu, 5 Jan 2012 23:56:02 +0000
To: "public-xg-webid@w3.org XG" <public-xg-webid@w3.org>
Message-Id: <8A713654-E7A2-491F-B041-0BA126EA0020@bbc.co.uk>

On 5 Jan 2012, at 22:47, Mo McRoberts wrote:

> The second is a library, and associated command-line tool, which will process a certificate in PEM format, look for URIs in the SAN, attempt to fetch the data retrievable using those URIs, and compare any referenced cert:RSAPublicKey instances with the key in the certificate.
> 
> http://github.com/nevali/libmyD
> 
> The tool prints debugging output where verification fails. It’s built on OpenSSL and Redland, but I've not spent more than about an hour on the code, so consider it massively experimental. The library is intended to (eventually) do more than handle WebID certs, but that aspect of it (and the tool) isn't going to go away.

I meant to include an example of this in use:

$ ./myd-verify < ~/webid.pem 
Parsed an X.509 certificate
Certificate issuer DN:
    CN = Mo McRoberts (Temporary WebID), C = GB
Certificate subject DN:
    CN = Mo McRoberts (Temporary WebID), C = GB
Modulus (2048 bit):
    00:ba:7a:af:76:bf:6a:06:c7:5a:97:e3:5f:c3:5b:
    48:0b:19:45:b3:29:0b:c3:54:f0:5d:0e:36:e8:a6:
    e8:db:57:8d:1b:de:41:2f:9a:d7:bf:4b:15:b1:eb:
    6a:2c:4f:11:14:63:76:84:01:14:9b:3e:8a:36:b8:
    85:54:f5:66:f1:2f:ed:0c:d6:59:ec:d2:4f:cb:ae:
    77:e3:6f:df:42:d4:af:e6:38:b5:4e:3d:e7:96:b3:
    98:96:69:62:29:dc:b4:18:dc:d1:36:63:56:6d:e4:
    e6:2f:9e:1f:2b:44:6f:83:5b:b4:fa:d2:3c:eb:f3:
    47:47:bb:99:10:9d:89:5e:eb:40:bd:1a:3d:a9:0c:
    68:2c:03:19:32:b9:4a:4c:3c:06:d3:13:9d:28:04:
    9d:94:8f:c4:55:d2:5c:92:8a:84:ae:30:97:07:21:
    0f:78:8d:09:18:9a:d1:48:c8:d4:27:b9:e6:3c:a3:
    a5:b4:56:5a:df:13:33:f1:9b:53:54:88:28:ce:4b:
    9d:d8:37:a4:db:42:fc:2f:9c:1d:a9:34:dd:2e:69:
    e6:b9:b8:6f:bc:cc:9d:0d:e3:51:4a:24:c0:14:49:
    df:87:e0:85:3e:04:e4:51:4e:ba:5d:8e:12:01:9b:
    7c:cd:48:f5:bb:59:d1:c7:cf:97:d9:f9:be:16:6a:
    6d:41
Exponent: 65537 (0x10001)
Embedded URI #1:
    http://naughtystep.nexgenta.com/2011/webid-test#me
      [+] Parsed
      [+] Found key statement
      [+] Matched key to certificate
      [+] Valid according to policy

M.

-- 
Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ

Received on Thursday, 5 January 2012 23:56:30 UTC