Welcome to the Web ID XWiki

Version 51.1 by Henry Story on 2010/03/21 16:19
Warning: For security reasons, the document is displayed in restricted mode as it is not the current version. There may be differences and errors due to this.

About WedId support

This is a playground for FOAF+SSL integration in XWiki. 

With foaf+ssl, you no longer need to type a username or remember a password. Public Key Cryptography takes care of that. As Dan Kaminsky pointed out in a few of his speeches, the major security problem on the web are passwords. 60% of security breaches can be attributed to this technology. Why is it still here? Because the way X.509 was used did not work. By tying X.509 to the semantic web, we solve the major problem on the client side. On the server side DNSsec will solve the other half of the problem. See the recent thread on the foaf-protocols list.

Currently you can get yourself an account on here, the normal way, then create yourself a WebID

HOWTO

  • Create an account here with a password
  • On your profile page create a WebId: just click the "create certificate request" button and a certificate will be added to your browser
  • You can then login to a growing number of sites with one click. No more username or password to type!

The idea is that you only need one account (though you can have a few) to login to all other sites. Ideally this account would be on a server you control.

Features

  • When you get yourself a WebId you automatically get an OpenId too that uses foaf+ssl authentication via http://openid4.me/ . The openid is a bit ugly for the moment (it is too long). Making it shorter is on the todo list below.

Todo

  • of course the certificates created here should be created behind https in order to avoid a man in the middle attack in the certificate generation process
     (given that WebIds are not being used for anything much this is not an urgent issue - but of course people will point this out)
  • Looking for ways to simplify IE cert creation!!! Please let us know of any cool tricks you may know of.
  • Public profiles should have beautiful URLs, and short ones too ( something like http://webid.myxwiki.org/id/bblfish )
  • Add the ability to login to this site using WebIDs create elsewhere (or from this site). We will do this in two steps
    1. Use an external FOAF+SSL identity provider, such as https://foafssl.org/srv/idp
    2. Build a component that can be added to XWiki or Restlets so as to not require an external IDP (this will require support for https though)
  • Add Access Controls to parts of this wiki for members of given foaf:Groups
  • [enter your idea]

Web site Issues

XWiki deploys profiles in  RDFa, which is still very new. A lot of the foaf+ssl community is just moving over to supporting that, so
a number of sites will seem broken when attaching from here.

  • The Cheese Lover's club is not functioning
  • Ontowiki's login feedback is way too minimal for the moment

Browser issues

  • None of the browsers are good at showing the user which cert he is using. But developments are on their way:
  • Firefox and Opera work very well. 
  • for Chrome on OSX try the latest development snapshots . ( issue 37765 was fixed 16 March )
  • Safari on OSX has the same issue as Chrome above, but it is very difficult to get any response from their developers through their bug database. If you know how to bring their attention please do.

Please feel free to get an account and edit this wiki. Send feedback to the foaf-protocols mailing list

Code

The code to add to XWiki to enable this is available here http://github.com/bblfish/keygenapp in the xwiki subdirectory

More about XWiki itself

This is a wiki, ie an easy-to-edit website that will help you work better together. This Wiki is made of pages sorted by spaces. You're currently in the Main space, looking at its home page (WebHome). 

Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [webid:Main.WebHome]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details.

Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [webid:Main.Dashboard]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details.