[foaf-protocols] Self-signing certificates

Peter Williams pwilliams at rapattoni.com
Sat Dec 19 20:20:49 CET 2009



-----Original Message-----

From: Peter Williams [mailto:home_pw at msn.com]
Sent: Friday, December 18, 2009 1:07 PM
Cc: 'foaf-protocols at lists.foaf-project.org'
Subject: RE: [foaf-protocols] Self-signing certificates

      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="B51C9602DFA5E73E0A53F9A8545E9CDBBA9472DB" name="uri:WindowsLiveID" />
          <add thumbprint="B3059BDE766F90BDAF6F3103DA95BEBF019E17A4" name="uri:WindowsLiveID" />
        </trustedIssuers>
      </issuerNameRegistry>

-----Original Message-----

[Peter Williams] BTW, one can use a different type to configure the element (and the handling components that behave according to the element's spec). In .NET land, the type is often a programming type (vs an ontological or wordnet category) and is (according to Turing) a pretty useful thing.

There is no reason why one cannot write a different programmable-type, and have foaf files be the source of the trustedissuers. It would be nice if it launched a JavaScript type engine... so the resolvers are scriptable.

I half remember reading some .NET sample code for writing one's own trustedissuer provider.

Doing this kind of thing is PART of the Windows model, BTW. Rather than create a commodity framework that expects one to put "blind trust" in a controlling IDP, always remember that to Microsoft the PC is a liberating vehicle for individuals (while also being a work-centric vehicle for enterprises). Thus, the Windows framework is built to allow one and to FACILITATE one to 'Interpret' what the IDP says (vs blindly rely). If you want to blindly rely on Facebook, you CAN (though). It's up to you to work with this architecture, which addresses a legal culture where the presumptions are set so you have no privacy until you assert you do (and then actually show you are working prudently to enforce it).
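
Added example (not part of the original message, and not Microsoft's code): a Python model of the thumbprint-to-name lookup that the quoted <trustedIssuers> configuration expresses, with the issuer table extendable from another source. It assumes the thumbprint is the SHA-1 digest of the certificate's DER encoding; the function names, SAMPLE_DER and the FOAF-sourced entry are constructed for illustration.

```python
import hashlib
import string
import xml.etree.ElementTree as ET

# The issuerNameRegistry element quoted in the message above.
CONFIG = """<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
  <trustedIssuers>
    <add thumbprint="B51C9602DFA5E73E0A53F9A8545E9CDBBA9472DB" name="uri:WindowsLiveID" />
    <add thumbprint="B3059BDE766F90BDAF6F3103DA95BEBF019E17A4" name="uri:WindowsLiveID" />
  </trustedIssuers>
</issuerNameRegistry>"""

# Constructed stand-in for a signing certificate's DER bytes (not a real certificate).
SAMPLE_DER = b"constructed stand-in for DER-encoded certificate bytes"


def normalize(thumbprint):
    """Reduce a thumbprint to 40 uppercase hex digits.

    Drops spaces, colons and invisible characters (such as U+200E) that
    copy/paste from a certificate viewer can add, then requires exactly
    40 hex digits.
    """
    cleaned = "".join(c for c in thumbprint if c in string.hexdigits).upper()
    if len(cleaned) != 40:
        raise ValueError("not a SHA-1 thumbprint: %r" % thumbprint)
    return cleaned


def load_trusted_issuers(xml_text):
    """Parse <trustedIssuers> into a {thumbprint: issuer name} table."""
    root = ET.fromstring(xml_text)
    return {normalize(e.get("thumbprint")): e.get("name")
            for e in root.findall("trustedIssuers/add")}


def add_issuer(trusted, thumbprint, name):
    """Add an issuer obtained from another source (hypothetical: a FOAF file)."""
    trusted[normalize(thumbprint)] = name


def thumbprint_of(der_bytes):
    """SHA-1 over the certificate's DER encoding, as uppercase hex."""
    return hashlib.sha1(der_bytes).hexdigest().upper()


def get_issuer_name(der_bytes, trusted):
    """Return the configured name, or None; on None the caller must reject the token."""
    return trusted.get(thumbprint_of(der_bytes))
```

A signing certificate whose thumbprint is absent from the table yields None, so whatever populates the table (static configuration or a fetched document) is the trust decision and needs its own integrity protection.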



