[foaf-protocols] Some basic questions prior to development ?

Story Henry henry.story at bblfish.net
Fri May 14 18:39:15 CEST 2010


On 14 May 2010, at 17:18, Nathan wrote:

> Seth Russell wrote:
>> I would like to ask some basic questions  before i invest a lot of time in
>> trying to develop foaf+ssl  as an option for my customer login .
>> 
>>   - How do my customers transfer their identity certificates from one
>>   browser to another and one computer to another?  Right now it appears to me
>>   that my identity is locked to my firefox browser on my desktop.  When, if
>>   ever, should i practically expect that a person's identity will be certified
>>   as the same across  all of  their devises whether they be desktop, home or
>>   work, laptop or handheld?
> 
> instead of doing the KEYGEN method you go for the normal method and 
> provide them with a pkcs12 (pref password protected) to download, then 
> they can stick it on any browser / client :)

You can do it even more easily Nathan. You just allow them to create a new
certificate with a new public private key for the new browser. All that needs to
be the same is the WebId. 

> all: I've been debating the concept of storing this on the server so 
> they can re-download it (a set number of times, say 3) to help with 
> "lost certificates", at the users discretion (link to it sent via email).

Yes, though I think even easier there would be to use the tried and tested 
password mechanism. A normal person is going to have no more than a few WebIds long
term. Passwords work in those situations. And they can be improved in a number of other ways.

Henry



More information about the foaf-protocols mailing list