[foaf-protocols] Some basic questions prior to development ?

mike amundsen mamund at yahoo.com
Fri May 14 19:21:10 CEST 2010 

Henry:
<snip>
> We (somone) should develop a simple CGI for people in your position
> to do keygen generation, and add the information to your foaf file.
> That would be quite little but useful script.
</snip>

As a first step, one possibility would be a step on the provider site
(e.g. webid.myxwiki.org) where I generate my temporary cert that
produces the RSAPublicKey block, displays it in a textarea to me,  and
provides hints on how to "copy-paste" that block directly in my
self-hosted FOAF.

Also, I know that my situation is not the "target audience". Thanks
for helping me sort things out.

mca
http://amundsen.com/blog/




On Fri, May 14, 2010 at 13:14, Story Henry <henry.story at bblfish.net> wrote:
>
> On 14 May 2010, at 18:11, mike amundsen wrote:
>
>> Henry:
>>
>> Sorry, I was careless in my last post.
>
>> I host my own FOAF on my own server. How is it that webid.myxwiki.org
>> will be writing to that file when I add a temporary cert?
>
> Ah ok. No it should not.
>
> We (somone) should develop a simple CGI for people in your position
> to do keygen generation, and add the information to your foaf file.
> That would be quite little but useful script.
>
> Henry
>
>
>>
>> mca
>> http://amundsen.com/blog/
>>
>>
>>
>>
>> On Fri, May 14, 2010 at 13:03, Story Henry <henry.story at bblfish.net> wrote:
>>>
>>> On 14 May 2010, at 17:52, mike amundsen wrote:
>>>
>>>> <snip>
>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#How_does_FOAF.2BSSL_work_with_public_terminals_.3F
>>>>>> Again, I'll need to install these temp keys in my FOAF, right?
>>>>>
>>>>> The WebId server should do that for you automatically, invisibly, transparently.
>>>> </snip>
>>>> I'd be surprised (and annoyed) to learn that providers are accessing
>>>> my personal web server and writing directly to my FOAF file i keep
>>>> there under a secured folder.
>>>
>>> Here you are unlike the 400 million users of Facebook, who allow Facebook to add information to their profile every day.
>>>
>>> @mamund, does it bother you when you use twitter and someone follows you that twitter adds that person as a follower to your file?
>>>
>>> If that is the case, then get the WebId server software, install it in on your computer, and place that computer in a secure place in your house. There is nothing stopping you from owning your WebId server. In fact that is the whole point of foaf+ssl.
>>>
>>> Henry
>>>
>>>
>>>> mca
>>>> http://amundsen.com/blog/
>>>>
>>>>
>>>>
>>>>
>>>> On Fri, May 14, 2010 at 12:46, Story Henry <henry.story at bblfish.net> wrote:
>>>>>
>>>>> On 14 May 2010, at 17:41, mike amundsen wrote:
>>>>>
>>>>>>> Euh. Perhaps the answer on the FAQ was too short.
>>>>>>> You don't need to move a certificate from one browser to another, you just create a new one - it is one click away on http://webid.myxwiki.org/
>>>>>> If I have more than one cert created @ http://webid.myxwiki.org/, I
>>>>>> need to store each of them in my FOAF file, right?
>>>>>
>>>>> If you create an account on http://webid.mywiki.org/ and go to your accunt
>>>>> when you create a certificate by clickin the create cert button, it will create a
>>>>> certificate, and the server will add the relevant info to your foaf file automatically.
>>>>>
>>>>> The user just clicks one button.
>>>>>
>>>>> reload the page and you will see your cert in rdfa on that page.
>>>>>
>>>>>>
>>>>>>> A good WebId provier would allow you to login with a one time password
>>>>>>> and allow you to create a time limited password.
>>>>>>>
>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#How_does_FOAF.2BSSL_work_with_public_terminals_.3F
>>>>>> Again, I'll need to install these temp keys in my FOAF, right?
>>>>>
>>>>> The WebId server should do that for you automatically, invisibly, transparently.
>>>>>
>>>>> Henry
>>>>>
>>>>>>
>>>>>> mca
>>>>>> http://amundsen.com/blog/
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, May 14, 2010 at 12:35, Story Henry <henry.story at bblfish.net> wrote:
>>>>>>>
>>>>>>> On 14 May 2010, at 17:24, mike amundsen wrote:
>>>>>>>
>>>>>>>> <snip>
>>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#Is_one_tied_to_using_only_one_browser_per_WebId_.3F
>>>>>>>> </snip>
>>>>>>>>
>>>>>>>> Installing the same cert on all the browsers on all my machines took
>>>>>>>> some time and was a bit wonky (installing the cert for Chromium on
>>>>>>>> Ubuntu is still a command-line adventure!). I also keep a signed back
>>>>>>>> up of my personal cert in dropbox so that it's available when I am at
>>>>>>>> another location or need to add it to my office machine, etc.
>>>>>>>
>>>>>>> Euh. Perhaps the answer on the FAQ was too short.
>>>>>>> You don't need to move a certificate from one browser to another, you just create a new one - it is one click away on http://webid.myxwiki.org/
>>>>>>>
>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#It_is_complex_to_copy_certificates_from_one_browser_to_another
>>>>>>>
>>>>>>> Your WebId provider is the one where you have a password. Then you create a new certificate for each browser you use.
>>>>>>>
>>>>>>>>
>>>>>>>> However, the key drawback for FOAF+SSL is that I can't easily use it
>>>>>>>> on public computers when I an traveling. Luckily I almost always have
>>>>>>>> a personal device w/ me that has my personal cert installed, but
>>>>>>>> sometimes that's not the case.
>>>>>>>
>>>>>>> A good WebId provier would allow you to login with a one time password
>>>>>>> and allow you to create a time limited password.
>>>>>>>
>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#How_does_FOAF.2BSSL_work_with_public_terminals_.3F
>>>>>>>
>>>>>>>>
>>>>>>>> Most people will do most of their authentication work from the same
>>>>>>>> machines most of the time, but until WebID is perceived to be as
>>>>>>>> portable as simple user/password authentication, there will be
>>>>>>>> pushback to deal with.
>>>>>>>
>>>>>>> Ok, so it's done then :-) That problem does not exist, or rather a good implementation resolves it.
>>>>>>>
>>>>>>> myxwiki shows the way to do it, though it can be much improved, for sure.
>>>>>>>
>>>>>>> Henry
>>>>>>>
>>>>>>>>
>>>>>>>> mca
>>>>>>>> http://amundsen.com/blog/
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, May 14, 2010 at 12:12, Story Henry <henry.story at bblfish.net> wrote:
>>>>>>>>>
>>>>>>>>> On 14 May 2010, at 16:54, Seth Russell wrote:
>>>>>>>>>
>>>>>>>>>> I would like to ask some basic questions  before i invest a lot of time in
>>>>>>>>>> trying to develop foaf+ssl  as an option for my customer login .
>>>>>>>>>>
>>>>>>>>>>   - How do my customers transfer their identity certificates from one
>>>>>>>>>>   browser to another and one computer to another?  Right now it appears to me
>>>>>>>>>>   that my identity is locked to my firefox browser on my desktop.  When, if
>>>>>>>>>>   ever, should i practically expect that a person's identity will be certified
>>>>>>>>>>   as the same across  all of  their devises whether they be desktop, home or
>>>>>>>>>>   work, laptop or handheld?
>>>>>>>>>
>>>>>>>>> You are using http://foaf.me/ right? It's on their todo list to make it easy to
>>>>>>>>> create multiple certificates per user.
>>>>>>>>>
>>>>>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#Is_one_tied_to_using_only_one_browser_per_WebId_.3F
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>   - As a developer what string should i store on my server to re identify
>>>>>>>>>>   my customer?  Is it the cert#hex, the cert#decimal, both or neither?  And
>>>>>>>>>>   will that be the same information when my customer re-identifies themselves
>>>>>>>>>>   on another device?
>>>>>>>>>
>>>>>>>>> The WebId, ie http://foaf.me/bbflish#me
>>>>>>>>> And it is the same id for any device.
>>>>>>>>>
>>>>>>>>> foaf.me does not yet support this easily. http://webid.myxwiki.org/ does. More apps
>>>>>>>>> should make this even better.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>   - As a user how do i add information to my public profile - assuming that
>>>>>>>>>>   i don't know how to write RDF?
>>>>>>>>>
>>>>>>>>> You fill in forms like you do on any other Web2.0 application. The better ones will
>>>>>>>>> learn things from your behaviour.
>>>>>>>>>
>>>>>>>>> The server then published the rdfa or rdf/xml to go with it, but that is hidden to the user.
>>>>>>>>>
>>>>>>>>>>   - As a developer how do i retrieve that information?
>>>>>>>>>
>>>>>>>>> Well you can start by doing an HTTP GET on the Web Id
>>>>>>>>>
>>>>>>>>>>   - As a business owner, assuming a best case scenario, when can i expect
>>>>>>>>>>   that there will be a substantial number of people with certificates in their
>>>>>>>>>>   browsers?
>>>>>>>>>
>>>>>>>>> The more implementations we have that are user friendly, the faster it will grow.
>>>>>>>>> It took 5 years for Facebook to get to the size it is now. FB could adopt WebIds in a few months of work (that long, because at their size there is much more testing that needs to be done), and then there would be 400 million potential users. So it's a bit unpredictable.
>>>>>>>>>
>>>>>>>>>>   - Are any of the Titans of the industry indicating that they will support
>>>>>>>>>>   this; Micorsoft, Google, Facebook, Twitter, Apple?
>>>>>>>>>
>>>>>>>>> No, they tend to be taken up by more complex protocols. But in some ways they all
>>>>>>>>> already do support it, because they support TCP/IP, https, X.509. We are not inventing
>>>>>>>>> much new here.
>>>>>>>>>
>>>>>>>>> The open source community is starting to move I think much more slowly, so we should have
>>>>>>>>> more apps. Hopefully the competition will help improve the quality.
>>>>>>>>>
>>>>>>>>>> In any case i like and support your efforts :)  The
>>>>>>>>>> mentograph<http://robustai.net/mentography/Mentography.html>of my
>>>>>>>>>> public
>>>>>>>>>> foaf document <http://foaf.me/seth> is
>>>>>>>>>> here<http://robustai.net/mentography/foafMe.gif>,
>>>>>>>>>> thanks to The W3C RDF validator <http://www.w3.org/RDF/Validator/> -
>>>>>>>>>> unfortunately i don't know how to add information to it, or retrieve
>>>>>>>>>> information from it.
>>>>>>>>>
>>>>>>>>> That is a nice and useful visualisation tool of rdf. But not useful for editing.
>>>>>>>>>
>>>>>>>>> What language are you programming in, that very simple application you showed me.
>>>>>>>>>
>>>>>>>>> Henry
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Seth Russell
>>>>>>>>>> Alpha testing: tagtalking.net
>>>>>>>>>> Facebook ing: facebook.com/russell.seth
>>>>>>>>>> Twitter ing: twitter.com/SethRussell
>>>>>>>>>> Blogging: fastblogit.com/seth/
>>>>>>>>>> Catalog selling: www.speaktomecatalog.com
>>>>>>>>>> Google profile: google.com/profiles/russell.seth
>>>>>>>>>> _______________________________________________
>>>>>>>>>> foaf-protocols mailing list
>>>>>>>>>> foaf-protocols at lists.foaf-project.org
>>>>>>>>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> foaf-protocols mailing list
>>>>>>>>> foaf-protocols at lists.foaf-project.org
>>>>>>>>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>
>>>
>
>

More information about the foaf-protocols mailing list