[foaf-protocols] WebID breakthrough - pure Javascript+Flash implementation

Manu Sporny msporny at digitalbazaar.com
Sat Aug 7 23:11:10 CEST 2010

We've been able to make a fairly significant breakthrough re: WebID in
the past several weeks.

Our engineering team has put together a pure Javascript+Flash
implementation of WebID (client and server). This includes everything
from certificate generation (replacing <keygen>) to storage (via Flash
object storage) and client-side certificate negotiation of TLS connections.

WebID – Universal Login for the Web

This is a big deal because we think that we may be able to get this
stuff to work in IE 7 and many of the older browsers. We may be able to
achieve 90%+ penetration for WebID in the browser. The interface to
select client-side certificates would be unified across all websites and
all browsers, including IE, Firefox, Chrome, Opera and Safari (since
it's all HTML+CSS+Javascript).

If you want to skip the blog post explaining this stuff, you can go
straight to the WebID management page here (you will have to accept the
bogus SSL certificates for the time being, we haven't bought verified
SSL certificates for either site, yet):


Or a sample login page here:


Your current WebIDs won't work with the demo because they exist in the
browser's certificate chain and not the Flash storage object. We'll want
to discuss the ramifications of this new breakthrough on the call on

I'll send out an agenda soon.

-- manu

Manu Sporny (skype: msporny, twitter: manusporny)
President/CEO - Digital Bazaar, Inc.
blog: WebApp Security - A jQuery Javascript-native SSL/TLS library

More information about the foaf-protocols mailing list