[OpenID] Join the foaf+ssl community and get OpenId for free

Peter Williams pwilliams at rapattoni.com
Mon Mar 23 20:03:03 UTC 2009 

As part of that exchange the server requests the client certificate. The client returns Romeo's (possible self signed) certificate, containing the little known X.509 v3 extensions section:

        X509v3 extensions:

           ...

           X509v3 Subject Alternative Name:

                           URI:http://romeo.net/#romeo



http://blogs.sun.com/bblfish/entry/foaf_ssl_adding_security_to





I had ISO add that extension (when they were looking to unlink X.509 from the X.500 naming hierarchy.) I didn't see much future in their focus : X.400 addresses, EDIFACT names, EAN, etc. The web seemed worth a venture, as the basis for trust networking.



And, how you are using it is what it was for (client side id, not pointing to server resources). Nice to see some pick it up (finally).



It took an act of Peter to make ISO understand (in 1995/6) the difference between a URI and an URL. Fortunately, I was able to that it was worth keeping the most generic form (so, in those days, we could have persistent URNs, too).



Ill look at the protocol flow for the foaf/rdf discovery and trust fabric more, later. Its looks very interesting.



However, If one looks at how OSPF and EIGRP and BGP and PIM use their different approaches to compute lowest cost paths through a dynamic graph (while avoiding the loops that occur as real systems fail), I cannot help thinking that we should be applying dynamic algorithms so it all scales. If a SPARQL based graph search is seen as equivalent to perform a memory-based SPF (shortest path first) calculation in OSPF algorithm, we would perhaps be able to learn from larger scale OSPF routing networks - seeing how folks engineered different layers of graphs resolution and applied summarization.. mostly so as not to overload the resources consumed at any one calculation point.





> -----Original Message-----

> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On

> Behalf Of Story Henry

> Sent: Friday, March 20, 2009 8:22 AM

> To: OpenID General

> Subject: [OpenID] Join the foaf+ssl community and get OpenId for free

>

> Hi OpenId folks,

>

>         Toby Inkster today put together a simple OpenId server that

> uses foaf

> +ssl certificates for identification. The code to do this is less that

> 100 lines of perl.

>

>         I wrote up a summary of how this works, including links to the

> source, here:

>

>         http://blogs.sun.com/bblfish/entry/join_the_foaf_ssl_community

>

>

> Henry

>

>

> Blog: http://blogs.sun.com/bblfish

>

> _______________________________________________

> general mailing list

> general at openid.net

> http://openid.net/mailman/listinfo/general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090323/e629b9f4/attachment-0002.htm>

More information about the general mailing list