[foaf-protocols] cert validator in WIF

peter williams home_pw at msn.com
Wed Mar 2 23:21:55 CET 2011



I know here we say that should one use a signed X token (with self-signed)
cert in tow, that the cert would be a webid (should if . have a SAN URI.
that is an http ref. to a foaf card. with a pubkey.in the right onological
form.). But, I doubt the spec will ever say that (since  its not ssl client
authn based client certs)


But, if it did, the above shows how to write and plugin a validator, using
the custom validation trust model.


Now, what I half remember is that should one get a client cert FROM an https
server endpoint (as CGI consumer), then there is a class that re-constructs
it as claim, and then the claim can be validated - like any other. I half
believe that this would invoke the trust model classes, and thus allow the
custom cert validator class to be fired off.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20110302/659c06be/attachment.htm 

More information about the foaf-protocols mailing list