[foaf-protocols] Some basic questions prior to development ?
Bruno.Harbulot at manchester.ac.uk
Fri May 14 18:47:23 CEST 2010
On 14/05/10 16:54, Seth Russell wrote:
> I would like to ask some basic questions before i invest a lot of time
> in trying to develop foaf+ssl as an option for my customer login .
> * How do my customers transfer their identity certificates from one
> browser to another and one computer to another? Right now it
> appears to me that my identity is locked to my firefox browser on
> my desktop. When, if ever, should i practically expect that a
> person's identity will be certified as the same across all of
> their devises whether they be desktop, home or work, laptop or
You can export the private key and the certificate from the browser,
usually in a PKCS#12 file (.p12).
In Firefox, if you go in Preferences -> Advanced -> Encryption -> View
Certificates and choose one of your certificates, you should be able to
click on 'Backup...'. This will produce a password-protected p12 file
which you can then import on other browsers/machines. It can be imported
for Internet Explorer, Opera, Safari/KeyChain, or used directly by Java
applications, for example, without specific add-ons.
Alternatively (and I'm not sure how far the various libraries support
this at this stage), there is a possibility to associate multiple public
keys to the same WebID, so as to be able to have a key per device.
> * As a developer what string should i store on my server to re
> identify my customer? Is it the cert#hex, the cert#decimal, both
> or neither? And will that be the same information when my
> customer re-identifies themselves on another devise?
To some extent, the main focus of FOAF+SSL aren't really FOAF or SSL,
but rather the concept of a WebID (which you can link to and from using
semantic web descriptions). FOAF+SSL is then the mechanism that allows
you to verify that ID (via a public key, FOAF and SSL).
> * As a user how do i add information to my public profile - assuming
> that i don't know how to write RDF?
It depends on the service that provides the user with their FOAF files.
There may be some cool interfaces that let you write information with a
good interface. <http://foaf.me> is a good example, but you might still
need to know a bit of FOAF/RDF at this stage.
> * As a developer how do i retrieve that information?
This is done via RDF libraries and associated queries (usually SPARQL or
similar). You'd need some understanding of RDF there.
> * As a business owner, assuming a best case scenario, when can i
> expect that there will be a substantial number of people with
> certificates in their browsers?
Hard to say, sorry. I guess it depends on the user perception regarding
the use of certificates. They often consider it complicated in
full-blown PKIs in my experience. However, FOAF+SSL simplifies the
registration process (which I think is the heavy administrative part
I guess it's also going to be a question of added-value to complexity
ratio. It will probably depend on having a cool service that lets you do
certain things because you have a WebID and a FOAF+SSL certificate.
Currently, I think most users are quite happy to be tied to their
Facebook or Google account to provide their identity. Privacy is barely
a concern for a number users (or at least it's a concept that people are
interested in, but don't really know what to do about it).
Things might change for example when Facebook make public more and more
information that was meant to be private in the first place.
I think it also depends on what your range of users your business is
targeting. It might get more success for services that are offered as
part of partnerships between companies, for example, where a user from
one company would be able to get access to services in other companies
using the WebID as the global authentication system, while retaining
independence with respect to the identity provider.
> * Are any of the Titans of the industry indicating that they will
> support this; Micorsoft, Google, Facebook, Twitter, Apple?
Not yet, as far as I know.
More information about the foaf-protocols