kidehen at openlinksw.com
Wed Aug 11 00:51:28 CEST 2010
Henry Story wrote:
> On 10 Aug 2010, at 22:21, Kingsley Idehen wrote:
>>> What's your one-click wizard written in and how is it launched?
>> "one click" wizard is written using C# and .NET. The wizard is signed
>> which is mandatory for "one click" apps.
>> Making the root CA cert. and registering with the Cert. Manager DB
>> prior to actual Personal Cert. generqtion is essential for Windows to
>> work otherwise the Certs. you generate will be rejected.
> Could this be simplified by doing the following:
> - Write code that proovably creates a unique root certificate for the machine it is on.
> - get a root CA to certify this - and so have it work on all machines automatically
> Is that something one could do? If one could prove that the code can do absolutely no harm, perhaps a root CA would be willing to sign it?
> ( But I may not have understood the process yet)
Do note that: <https://id.myopenlink.net> has a conventional Cert.
signed by Thawte. Of course it doesn't have any extensions. Windows is
OK with certificates signed by a Thawte. This is part of how we get IE
and Windows going painlessly with WebID.
Thus, when you have access to a Windows machine try:
<https://id.myopenlink.net/ods> (signup and then login).
To conclude, the certificate on the server is conventional. The
certificates on the client (if Windows) okay if you have a local CA root
cert in place for issuing signed Certs. (which is what our Wizard
handles by letting to make both types of Certificates via a signed
"click once" application).
President & CEO
More information about the foaf-protocols