[foaf-protocols] Contd: WebID breakthrough - pure Javascript+Flash implementation

Kingsley Idehen kidehen at openlinksw.com
Wed Aug 11 00:51:28 CEST 2010

Henry Story wrote:
> On 10 Aug 2010, at 22:21, Kingsley Idehen wrote:
>>> What's your one-click wizard written in and how is it launched?
>> "one click" wizard is written using C# and .NET. The wizard is signed 
>> which is mandatory for "one click" apps.
>> Making the root CA cert. and registering with the Cert. Manager DB  
>> prior to actual Personal Cert. generqtion is essential for Windows to 
>> work otherwise the Certs. you generate will be rejected.
> Could this be simplified by doing the following:
>   - Write code that proovably creates a unique root certificate for the machine it is on. 
>   - get a root CA to certify this - and so have it work on all machines automatically
>    Is that something one could do? If one could prove that the code can do absolutely no harm, perhaps a root CA would be willing to sign it? 
>   ( But I may not have understood the process yet)
> Henry
>> Kingsley

Do note that: <https://id.myopenlink.net> has a conventional Cert. 
signed by Thawte. Of course it doesn't have any extensions. Windows is 
OK with certificates signed by a Thawte. This is part of how we get IE 
and Windows going painlessly with WebID.

Thus, when you have access to a Windows machine try: 
<https://id.myopenlink.net/ods> (signup and then login).

To conclude, the certificate on the server is conventional. The 
certificates on the client (if Windows) okay if you have a local CA root 
cert in place for issuing signed Certs. (which is what our Wizard 
handles by letting to make both types of Certificates via a signed 
"click once" application).



Kingsley Idehen	      
President & CEO 
OpenLink Software     
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen 

More information about the foaf-protocols mailing list