[foaf-protocols] Some basic questions prior to development ?

mike amundsen mamund at yahoo.com
Fri May 14 18:28:08 CEST 2010


<snip>
http://esw.w3.org/Foaf%2Bssl/FAQ#Is_one_tied_to_using_only_one_browser_per_WebId_.3F
</snip>

Installing the same cert on all the browsers on all my machines took
some time and was a bit wonky (installing the cert for Chromium on
Ubuntu is still a command-line adventure!). I also keep a signed back
up of my personal cert in dropbox so that it's available when I am at
another location or need to add it to my office machine, etc.

However, the key drawback for FOAF+SSL is that I can't easily use it
on public computers when I an traveling. Luckily I almost always have
a personal device w/ me that has my personal cert installed, but
sometimes that's not the case.

Most people will do most of their authentication work from the same
machines most of the time, but until WebID is perceived to be as
portable as simple user/password authentication, there will be
pushback to deal with.

mca
http://amundsen.com/blog/

> On Fri, May 14, 2010 at 12:12, Story Henry <henry.story at bblfish.net> wrote:
>>
>> On 14 May 2010, at 16:54, Seth Russell wrote:
>>
>>> I would like to ask some basic questions  before i invest a lot of time in
>>> trying to develop foaf+ssl  as an option for my customer login .
>>>
>>>   - How do my customers transfer their identity certificates from one
>>>   browser to another and one computer to another?  Right now it appears to me
>>>   that my identity is locked to my firefox browser on my desktop.  When, if
>>>   ever, should i practically expect that a person's identity will be certified
>>>   as the same across  all of  their devises whether they be desktop, home or
>>>   work, laptop or handheld?
>>
>> You are using http://foaf.me/ right? It's on their todo list to make it easy to
>> create multiple certificates per user.
>>
>> http://esw.w3.org/Foaf%2Bssl/FAQ#Is_one_tied_to_using_only_one_browser_per_WebId_.3F
>>
>>
>>>   - As a developer what string should i store on my server to re identify
>>>   my customer?  Is it the cert#hex, the cert#decimal, both or neither?  And
>>>   will that be the same information when my customer re-identifies themselves
>>>   on another device?
>>
>> The WebId, ie http://foaf.me/bbflish#me
>> And it is the same id for any device.
>>
>> foaf.me does not yet support this easily. http://webid.myxwiki.org/ does. More apps
>> should make this even better.
>>
>>
>>>   - As a user how do i add information to my public profile - assuming that
>>>   i don't know how to write RDF?
>>
>> You fill in forms like you do on any other Web2.0 application. The better ones will
>> learn things from your behaviour.
>>
>> The server then published the rdfa or rdf/xml to go with it, but that is hidden to the user.
>>
>>>   - As a developer how do i retrieve that information?
>>
>> Well you can start by doing an HTTP GET on the Web Id
>>
>>>   - As a business owner, assuming a best case scenario, when can i expect
>>>   that there will be a substantial number of people with certificates in their
>>>   browsers?
>>
>> The more implementations we have that are user friendly, the faster it will grow.
>> It took 5 years for Facebook to get to the size it is now. FB could adopt WebIds in a few months of work (that long, because at their size there is much more testing that needs to be done), and then there would be 400 million potential users. So it's a bit unpredictable.
>>
>>>   - Are any of the Titans of the industry indicating that they will support
>>>   this; Micorsoft, Google, Facebook, Twitter, Apple?
>>
>> No, they tend to be taken up by more complex protocols. But in some ways they all
>> already do support it, because they support TCP/IP, https, X.509. We are not inventing
>> much new here.
>>
>> The open source community is starting to move I think much more slowly, so we should have
>> more apps. Hopefully the competition will help improve the quality.
>>
>>> In any case i like and support your efforts :)  The
>>> mentograph<http://robustai.net/mentography/Mentography.html>of my
>>> public
>>> foaf document <http://foaf.me/seth> is
>>> here<http://robustai.net/mentography/foafMe.gif>,
>>> thanks to The W3C RDF validator <http://www.w3.org/RDF/Validator/> -
>>> unfortunately i don't know how to add information to it, or retrieve
>>> information from it.
>>
>> That is a nice and useful visualisation tool of rdf. But not useful for editing.
>>
>> What language are you programming in, that very simple application you showed me.
>>
>> Henry
>>
>>>
>>>
>>> Seth Russell
>>> Alpha testing: tagtalking.net
>>> Facebook ing: facebook.com/russell.seth
>>> Twitter ing: twitter.com/SethRussell
>>> Blogging: fastblogit.com/seth/
>>> Catalog selling: www.speaktomecatalog.com
>>> Google profile: google.com/profiles/russell.seth
>>> _______________________________________________
>>> foaf-protocols mailing list
>>> foaf-protocols at lists.foaf-project.org
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>>
>> _______________________________________________
>> foaf-protocols mailing list
>> foaf-protocols at lists.foaf-project.org
>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>>
>


More information about the foaf-protocols mailing list