Re: Getting Serious about WebID Bootstrap from ☮ elf Pavlik ☮ on 2012-09-28 (public-xg-webid@w3.org from September 2012)

From: ☮ elf Pavlik ☮ <perpetual-tripper@wwelves.org>
Date: Fri, 28 Sep 2012 20:12:22 +0000
To: Kingsley Idehen <kidehen@openlinksw.com>
Cc: public-xg-webid <public-xg-webid@w3.org>, public-webid <public-xg-webid@w3.org>
Message-Id: <1348863057-sup-4395@heahdk.net>

Excerpts from Kingsley Idehen's message of 2012-09-28 19:14:05 +0000:
> On 9/28/12 3:02 PM, ☮ elf Pavlik ☮ wrote:
> > Excerpts from Kingsley Idehen's message of 2012-09-28 18:45:12 +0000:
> >> On 9/28/12 8:14 AM, ☮ elf Pavlik ☮ wrote:
> >>> Excerpts from Kingsley Idehen's message of 2012-09-28 11:36:21 +0000:
> >>>> All,
> >>>>
> >>>> Bootstrapping anything on the Web requires technology implementer to use
> >>>> (dog-food) whatever technology they seek to promote to others. Thus, I
> >>>> would like to encourage every participant in the RWW and WebID community
> >>>> groups to make a best-effort to start signing emails, moving forward.
> >>>>
> >>>> Naturally, these emails should be signed using an WebID watermarked
> >>>> X.509 certificate. Certificate generation choices include:
> >>>>
> >>>> 1. Native generators that come with your desktop OS -- Mac OS X,
> >>>> Windows, and Linux all include such a utility
> >>>> 2. Certificate generators from WebID IdPs -- I have a list here:
> >>>> http://delicious.com/kidehen/webid+webid_idp (ping me if you have a
> >>>> generator that's unlisted) .
> >>>>
> >>>> Over the last year or so, I've written a number of how-to guides [1]
> >>>> covering how to sign emails across all the major native email clients.
> >>>>
> >>>> Once again, if we don't sign our emails we loose a simple opportunity to
> >>>> showcase the utility of WebIDs and the WebID authentication protocol.
> >>>> Being able to follow-your-nose from a WebID that watermarks an email
> >>>> senders certificate is a very simple utility showcase for both WebID and
> >>>> Linked Data.
> >>>>
> >>>> We can do this!
> >>>>
> >>>> Links:
> >>>>
> >>>> 1. http://bit.ly/VTnxzz -- collection of G+ hosted howtos (for all the
> >>>> major native email clients) covering how to digitally sign emails .
> >>> currently i use terminal based client 'sup' (similar to mutt) which can sign using PGP, i consider switching to http://notmuchmail.org and use some browser based frontend to it ex. https://github.com/peterkeen/speedee
> >>>
> >>> any suggestions on signing emails using browser based email clients?
> >>>
> >>>
> >>>
> >> I am yet to encounter a hosted email system (bar ODS-Mail from us) that
> >> allows you send signed emails.
> > hmmm... i talk about open source webmail which i could patch myself if needed...
> > how do you do it in your ODS-Mail? i understand you need to do it from javascript using your client cert in a browser? all clues warmly welcomed :D thx!
> >
> >
> 
> ODS (OpenLink Data Spaces) leverages a Virtuoso hosted keystore.
> 
> With the new W3C crypto APIs [1]  it should be possible to leverage 
> local OS key stores via Javascript, once someone implements a library 
> for various operating systems that can be plugged into browsers.
> 
> Links:
> 
> 1. http://www.w3.org/TR/WebCryptoAPI/ -- W3C Crytpo API
nice! thanks for pointer Kingsley :)

Received on Friday, 28 September 2012 20:12:48 UTC