[foaf-protocols] Poll on WebID Protocol Ontology Changes

[Nathan]

Toby Inkster wrote:
> On Tue, 05 Oct 2010 22:36:06 +0100
> Nathan <nathan at webr3.org> wrote:
> 
>> -----BEGIN PUBLIC KEY-----
>> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD9tvsRWXEOruxpvulN9SaYCVAn
>> fmjV9m9M1Xp34C3Cl6WTjacjfFmmpSghwsAwHILKkBgYWY10UW1GUpiXZQW60l6E
>> bOwsD0tL8vP5VGMWyICmEimj5oGZGzfzhwqN1ZG+tS6VS7GHMnMnZwNPN2XaJj/Y
>> pPFL5aE8xgnXyYpoRwIDAQAB
>> -----END PUBLIC KEY-----
> 
> Apache doesn't expose this directly anyway, so you'd need to use an
> ASN.1 parser to pull it out of the certificate. I don't see how that
> significantly simplifies implementations.

because:
(1): it's one triple
(2): Pulling a public key out of a certificate is common, standard 
practise and is supported in most (all?) languages - pulling the 
exponent and modulus is not.

> Whatsmore, if I wanted to get this PEM key and put it in my FOAF, how
> do I do it without fiddling around with the openssl command-line
> client? If I look at my certificate in my browser's certificate manager
> (and I've checked this with Opera and Firefox), I can't find it. I can
> find the modulus in hex; I can find the exponent in hex (Opera) or
> decimal (Firefox); I can't find a PEM or DER encoded public key.

Which is all far from ideal for a web scale protocol, especially when we 
can create simple web pages / viewers to show the public key in PEM (or 
exponent/modulus).

How do people find there IP address? they google "whats my ip", sure 
they can find it if they try and read docs and follow guides - or they 
can just google and hit a page which tells them.

In reality, which do you think the bulk of the web is going to do?

Further, if webid takes off, then regardless of the implementation, 
browsers will need to support what users need in a much better manner 
than they do now, as dave says little id cards with pictures on it and 
any extra info - maybe a padlock for kicks and so forth.

As per always, imo

Best,

Nathan