[foaf-protocols] foafssl.org changes

Henry Story henry.story at bblfish.net
Wed Aug 31 18:53:19 CEST 2011


Hi, 

As I mentioned earlier I had to change foafssl.org server certificate as I changed my server and as the cert had expired. The new one that is up at https://foafssl.org/srv/idp/ has the following new features:

1. It uses a URL friendly base64 encoding of the signature to avoid odd issues
    http://commons.apache.org/codec/apidocs/org/apache/commons/codec/binary/Base64.html#encodeBase64URLSafeString%28byte[]%29

2. It has a new key. But they key is now published in RDF on the page itself. It should be the same public key as is used by the ssl layer which you can find with 

   $ openssl s_client -showcerts -connect foafssl.org:443 | openssl x509 -noout -text

  So if you have a library, you could test the ssl key if you get to many errors from time to time automatically.

  The URL is exactly as previously:

   $relyingService?webid=$webid&ts=$timeStamp&sig=$URLSignature

   The signature is signing the string 

   $relyingService?webid=$webid&ts=$timeStamp

Please let me know if you have any issues. Andrei found a bug in the signature. I am not absolutely sure it is fixed.

   Henry


Social Web Architect
http://bblfish.net/



More information about the foaf-protocols mailing list