Welcome to the Web ID XWiki

Last modified by Sanjay Jangid on 2024/04/17 14:46

IconError

This wiki was the work of Henry Story. It's no longer maintained and the instructions probably don't work anymore.

Some recent progress on webid:

About WedId support

This is a playground for FOAF+SSL integration in XWiki. 

WebId's are so simple to make and to use, that it is difficult to explain. The following screen cast does this better than any HOWTO could:

With foaf+ssl, you no longer need to type a username or remember a password. Public Key Cryptography takes care of that. As Dan Kaminsky pointed out in a few of his speeches, the major security problem on the web are passwords. 60% of security breaches can be attributed to them. Why are they still so ubiquitous?  Because the only secure contender, SSL - the protocol that gave us online shopping - and  X.509 were too expensive and complex for end users. But this need to be so. By tying X.509 to the semantic web, we solve the major problem of cost, and introduce powerful flexibility. On the server side DNSsec will solve the other half of the problem. See the recent thread on the foaf-protocols list.

Currently you can get yourself an account on here, the normal way, then create yourself a WebID

HOWTO

  • Create an account here with a password
  • On your profile page create a WebId: just click the "create certificate request" button and a certificate will be added to your browser (likely need to restart your browser)
  • You can then login to a growing number of sites with one click. No more username or password to type!

The idea is that you only need one account (though you can have a few) to login to all other sites. Ideally this account would be on a server you control.

Features

  • When you get yourself a WebId you automatically get an OpenId too that uses foaf+ssl authentication via http://openid4.me/ . The openid is a bit ugly for the moment (it is too long). Making it shorter is on the todo list below.

Todo

  • of course the certificates created here should be created behind https in order to avoid a man in the middle attack in the certificate generation process
     (given that WebIds are not being used for anything much this is not an urgent issue - but of course people will point this out)
  • Looking for ways to simplify IE cert creation!!! Please let us know of any cool tricks you may know of.
  • Public profiles should have beautiful URLs, and short ones too ( something like http://webid.myxwiki.org/id/bblfish )
  • The public profiles should also return minimal html as as can be had by adding ?xpage=plain at the user profile
    http://webid.myxwiki.org/xwiki/bin/view/XWiki/Natanael_L?xpage=plain
      This cuts the page size down by 4.
  • Add the ability to login to this site using WebIDs create elsewhere (or from this site). We will do this in two steps
    1. Use an external FOAF+SSL identity provider, such as https://foafssl.org/srv/idp
    2. Build a component that can be added to XWiki or Restlets so as to not require an external IDP (this will require support for https though)
  • Add Access Controls to parts of this wiki for members of given foaf:Groups
  • [enter your idea]

Web site Issues

XWiki deploys profiles in  RDFa, which is still very new. A lot of the foaf+ssl community is just moving over to supporting that, so
a number of sites will seem broken when attaching from here.

  • The Cheese Lover's club is not functioning
  • Ontowiki's login feedback is way too minimal for the moment

Browser issues

  • None of the browsers are good at showing the user which cert he is using. But developments are on their way:
  • Firefox and Opera work very well. 
  • for Chrome on OSX try the latest development snapshots . ( issue 37765 was fixed 16 March )
  • Safari on OSX has the same issue as Chrome above, but it is very difficult to get any response from their developers through their bug database. If you know how to bring their attention please do.

Please feel free to get an account and edit this wiki. Send feedback to the foaf-protocols mailing list

Code

The code to add to XWiki to enable this is available here http://github.com/bblfish/keygenapp in the xwiki subdirectory

More about XWiki itself

This is a wiki, ie an easy-to-edit website that will help you work better together. This Wiki is made of pages sorted by spaces. You're currently in the Main space, looking at its home page (WebHome). 

Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [webid:Main.Dashboard]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details.