[foaf-protocols] inducing IE to treat its client cert selector much like an infocard selector

Story Henry henry.story at bblfish.net
Fri Nov 27 11:33:23 CET 2009 

Thanks for these links Peter. I have updated the Wiki with a pointer to this thread, so that Microsoft engineers can find some pointers more easily.
http://esw.w3.org/topic/foaf+ssl

It may be good to create a wiki page, perhaps

http://esw.w3.org/topic/foaf+ssl/HOWTO/IIS 

or write a blog which collects all the pieces of information together, and then link to that from the wiki.

Henry


On 27 Nov 2009, at 05:27, Peter Williams wrote:

> http://blogs.msdn.com/vbertocci/archive/2008/11/26/an-identity-provider-and-
> its-sts-writing-a-custom-sts-with-the-october-beta-of-the-geneva-framework.a
> spx
> 
> 
> 
> Rather than thinking at the network level, we can also think at the
> federation level. Might interesting to perhaps take the custom cert
> acceptance class in the mentioned code (which treats the https client cert
> as a "security token"), and add the foaf+ssl logic. The claims supplied to
> the STS could come from the foaf file, before the STS then cooperates with a
> WCF class to access some webapp. This would essentially be the same
> structure as the foaf+ssl meets openid IDP case.  The cert can be one of the
> claims that is sent over ws-federation's authenticatd channel to the webapp
> (which can do further work with the webid and the cert, should it wish -
> such as test its issuer for wot-specific trust matters).
> 
> 
> 
> From: foaf-protocols-bounces at lists.foaf-project.org
> [mailto:foaf-protocols-bounces at lists.foaf-project.org] On Behalf Of Peter
> Williams
> Sent: Thursday, November 26, 2009 12:31 PM
> Cc: foaf-protocols at lists.foaf-project.org
> Subject: Re: [foaf-protocols] inducing IE to treat its client cert selector
> much like an infocard selector
> 
> 
> 
> http://www.pluralsight.com/community/blogs/aaron/archive/2005/10/14/15571.as
> px has interesting information on how to build a custom http transport (i.e.
> start to program a foaf+ssl listener that behaves suitably for the foaf+ssl
> trust model - rather than the PKI trust model built into https).
> 
> 
> 
> 
> 
> From: Peter Williams [mailto:home_pw at msn.com] 
> Sent: Thursday, November 26, 2009 12:27 PM
> Cc: 'foaf-protocols at lists.foaf-project.org'
> Subject: RE: [foaf-protocols] inducing IE to treat its client cert selector
> much like an infocard selector
> 
> 
> 
> 
> 
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols

More information about the foaf-protocols mailing list