[foaf-protocols] Why exponent/modulus

Toby Inkster tai at g5n.co.uk
Sun Sep 19 11:09:39 CEST 2010


On Fri, 17 Sep 2010 22:26:23 +0200
Melvin Carvalho <melvincarvalho at gmail.com> wrote:

> By the way we already have in WOT

In my initial thoughts on FOAF+TLS I suggested using an updated WOT:

http://lists.w3.org/Archives/Public/semantic-web/2008Mar/0207.html

I do think Henry's RSA vocab is a better way though.

Placing (or linking to) a PEM/DER-encoded certificate in ones FOAF file
would hit upon issues of canonicalisation. If you performed a naive
string comparison between the certificate used in the TLS connection,
and the one found in the FOAF file, you'd probably come along instances
where the strings differ but the certificates are essentially
equivalent.

So we're going to need to canonicalise values before we do a
comparison. Better to perform the canonicalisation in a space we
clearly understand (hexadecimal integers) rather than one we do not
understand so well (base64-encoded DER-serialised ASN1 structures).

In other news, I've just uploaded a developer version of my Perl
CGI::Auth::FOAF_SSL library which no longer depends on parsing the
command-line output of the OpenSSL binaries, amongst other improvements.

-- 
Toby A Inkster
<mailto:mail at tobyinkster.co.uk>
<http://tobyinkster.co.uk>



More information about the foaf-protocols mailing list