[foaf-protocols] Why exponent/modulus

Nathan nathan at webr3.org
Sat Sep 18 03:27:48 CEST 2010


Henry Story wrote:
> On 17 Sep 2010, at 23:44, Joe Presbrey wrote:
> 
>> On Fri, Sep 17, 2010 at 5:29 PM, Nathan <nathan at webr3.org> wrote:
>>> ! indeed, can you quickly confirm what'd be in $SERVER['REMOTE_USER']? -
>>> on first read I thought you meant the certificate in PEM format, on
>>> second read I figured you meant the webid having had full authn done.
>> Environment variables are well known and highly visible to developers
>> of all languages on all platforms. They never require non-core
>> libraries to access and are transparent to work with. Here's the
>> environment style I had proposed:
>>
>> REMOTE_USER=<http://presbrey.mit.edu/foaf#presbrey>
>> REMOTE_USER_NAME="Joe Presbrey"
>> REMOTE_USER_DEPICTION=<http://presbrey.mit.edu/self.jpg>
>> REMOTE_USER_KNOWS[0]=<http://www.w3.org/People/Berners-Lee/card#i>
>> REMOTE_USER_KNOWS[1]=<http://webr3.org/nathan#me>
>> REMOTE_USER_[PREDICATE]=[OBJECT]...
> 
> Would it also be possible to pass the public key too in those environemental
> variables for CGIs that would like to implement their own webid authentication
> methods? (could be something optional of course)?

should be (well yes, it is possible), also the client cert is already 
exposed and afaik tooling to grab the public key out of a certificate is 
widely implemented and reliable in most languages (certainly is in PHP!).

aside: if you're thinking a nice middle ground is to include on the 
public key rather than the full cert in our profiles then I'd happily +1 
that and forget the full cert idea, it's easy to implement in the big 
three (drupal/mediawiki/wordpress) we're discussing with no dependencies 
:) In fact if you drafted up the properties in the ontology I'd happily 
implement in libAuthenticate over the weekend if that was cool w/ 
melvin. (am I jumping the gun? :p)

Best,

Nathan


More information about the foaf-protocols mailing list