W3C home > Mailing lists > Public > public-xg-webid@w3.org > September 2012

Re: Getting Serious about WebID Bootstrap

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 28 Sep 2012 15:14:05 -0400
Message-ID: <5065F6FD.2060901@openlinksw.com>
To: ☮ elf Pavlik ☮ <perpetual-tripper@wwelves.org>
CC: public-xg-webid <public-xg-webid@w3.org>
On 9/28/12 3:02 PM, ☮ elf Pavlik ☮ wrote:
> Excerpts from Kingsley Idehen's message of 2012-09-28 18:45:12 +0000:
>> On 9/28/12 8:14 AM, ☮ elf Pavlik ☮ wrote:
>>> Excerpts from Kingsley Idehen's message of 2012-09-28 11:36:21 +0000:
>>>> All,
>>>> Bootstrapping anything on the Web requires technology implementer to use
>>>> (dog-food) whatever technology they seek to promote to others. Thus, I
>>>> would like to encourage every participant in the RWW and WebID community
>>>> groups to make a best-effort to start signing emails, moving forward.
>>>> Naturally, these emails should be signed using an WebID watermarked
>>>> X.509 certificate. Certificate generation choices include:
>>>> 1. Native generators that come with your desktop OS -- Mac OS X,
>>>> Windows, and Linux all include such a utility
>>>> 2. Certificate generators from WebID IdPs -- I have a list here:
>>>> http://delicious.com/kidehen/webid+webid_idp (ping me if you have a
>>>> generator that's unlisted) .
>>>> Over the last year or so, I've written a number of how-to guides [1]
>>>> covering how to sign emails across all the major native email clients.
>>>> Once again, if we don't sign our emails we loose a simple opportunity to
>>>> showcase the utility of WebIDs and the WebID authentication protocol.
>>>> Being able to follow-your-nose from a WebID that watermarks an email
>>>> senders certificate is a very simple utility showcase for both WebID and
>>>> Linked Data.
>>>> We can do this!
>>>> Links:
>>>> 1. http://bit.ly/VTnxzz -- collection of G+ hosted howtos (for all the
>>>> major native email clients) covering how to digitally sign emails .
>>> currently i use terminal based client 'sup' (similar to mutt) which can sign using PGP, i consider switching to http://notmuchmail.org and use some browser based frontend to it ex. https://github.com/peterkeen/speedee
>>> any suggestions on signing emails using browser based email clients?
>> I am yet to encounter a hosted email system (bar ODS-Mail from us) that
>> allows you send signed emails.
> hmmm... i talk about open source webmail which i could patch myself if needed...
> how do you do it in your ODS-Mail? i understand you need to do it from javascript using your client cert in a browser? all clues warmly welcomed :D thx!

ODS (OpenLink Data Spaces) leverages a Virtuoso hosted keystore.

With the new W3C crypto APIs [1]  it should be possible to leverage 
local OS key stores via Javascript, once someone implements a library 
for various operating systems that can be plugged into browsers.


1. http://www.w3.org/TR/WebCryptoAPI/ -- W3C Crytpo API



Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Friday, 28 September 2012 19:14:29 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:55 UTC