- From: Cosimo Streppone <cosimo@opera.com>
- Date: Sat, 26 Feb 2011 23:06:31 +1100
- To: "Henry Story" <henry.story@bblfish.net>
- Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
On Sat, 26 Feb 2011 22:26:22 +1100, Henry Story <henry.story@bblfish.net> wrote: > On 24 Feb 2011, at 01:45, Cosimo Streppone wrote: > >> I'm trying to get a hold of WebID, and I'm still stuck at >> the basic concept of it unfortunately. >> Following the various threads I often encounter new (for me) >> technologies and concepts that make it difficult for me >> to focus and get "the picture". Everyone fully understands X.509? > > Cosimo, did any of those answers help? Yes, definitely. Thanks again. > X509 is very simple: it's just a document a bit like XML but in a binary > format, that contains a number of fields of which a user name (DN) in an > old ldap format, a Subject Alternative Name (optional) we abreviate SAN, > a public key, and it is signed by some other entity. The best way to learn for me would be to implement some minimal prototypes of certificate generation and webid authentication, exactly like you show in your video. Does this make sense at this stage? Is there existing source code for the prototypes shown in the video? > If you want to make it simplest the protocol could be the following: > > 1. create a self signed X509 cert with a webid that is a URL on your > server plus #me > 2. place that certificate at that location > 3. put the certificate with private key in your browser > > Next when you connect to a web server and it asks you for a client > certificate it will send your certificate. If the certs match the one at > the WebID, you are identified by that URI. > > done. > > That is what the following proposes. > > http://www.w3.org/2005/Incubator/webid/track/issues/6 > > Does that make more sense when put like that? Yes, it does. Thanks! -- Cosimo
Received on Saturday, 26 February 2011 12:08:53 UTC