Foaf+ssl/IDP

From W3C Wiki
Jump to: navigation, search

Current WebID (née FOAF+SSL) Identity Providers

Would you like to create yourself a WebID? Here are a few services (known as Identity Providers, or IdPs) that can do this for you easily. Once done, you can then log in with one click into the growing number of FOAF+SSL enabled sites.


OpenLink Certificate Generator & Identity Provider Service

An HTML Wizard based x.509 generator that produces certificates with WebID watermarks. This particular service also acts as a proxy for Facebook, Twitter, LinkedIn, AtomPub compliant Blog Platforms, and OpenID, enabling them to participate in the WebID IdP ecosystem.

The activities of this service are two-fold:

  • generation of x.509 certificates with WebID watermarks
  • persistence of signed claims to a location that's de-referencable via the URI that serves as the generated x.509 certificate's WebID watermark.

The above implies that posts to Twitter, Facebook, LinkedIn, BlogSpot, WordPress etc.. serve as resources that hold the lookup graph that drives the WebID verification protocol.

Related Links

OpenLink Data Spaces (ODS) Identity Provider Service

A hosted service (for end-users or developers) that narrows down creating a WebID to the following steps:

  1. Create a ODS user account (starting fresh, or based on an existing OpenID or WebID you've obtained elsewhere). This step also automatically creates a structured profile document (in this case, hosted by id.myopenlink.net) with the new WebID used as the main (primary) subject. The URL for the structured profile document is the same as the new WebID URL.
  2. Go to the profile edit page.
  3. Click on the security tab.
  4. Click on the generate certificate button. This triggers the generation of an X.509 certificate (which will be automatically stored in the operating system or browser keystore, depending on operating system and browser combo), which includes your WebID and its associated private key.
  5. Click on the save certificate button. This completes the WebID creation process by writing the same X.509 Certificate, bearing your WebID, to the structured profile document created in step 1.

The same steps may be used on any OpenLink Data Spaces instance (e.g., your own Personal Data Space on the Web via an Amazon AMI, Enterprise, Workgroup, or Personal installation, etc.) since it's the underlying platform behind id.myopenlink.net .

Related links

my-profile.eu

my-profile.eu is a suite of services designed mainly (but not only) for users already familiar with FOAF+SSL. Two of the services provided allow users to create extensive FOAF profiles (with or without creating a corresponding certificate), as well as stand-alone client certificates for existing profiles. To create a certificate, the user must already know where the WebID will be hosted; for a WebID URI like http://mywebiste.com/people/user/profile#me, the user would have to host it under http://mywebiste.com/people/user/, and serve the profile file in a meaningful way (see this how-to to understand how to serve different content types).

To create a WebID profile (which will be stored on the server):

  1. Click on Get a WebID.
  2. The Username field must be at least 2 characters long (max 12), with these accepted characters: a-z 0-9 _ . -
  3. The Full Name filed is required and cannot be left blank.
  4. Fill in whatever information you would like to have in your profile.
  5. Click New profile.

To create a certificate for your existing WebID profile:

  1. Click on More -> Issue Certificate.
  2. Fill at least one FOAF URI with your WebID URI (same one as before).
  3. Fill the Full name with at least 2 characters.
  4. Click on Install certificate; the browser will tell you when the key has been successfully installed.