identity page

Posted on January 19, 2012 by home_pw

This post demonstrates how I can use a Blogspot hosted blog post to store Identity oriented claims that mirror those in my local keychain hosted x.509 certificate. The steps for achieving this were defined by Kingsley Uyi Idehen, as follows:

  1. Write post — this creates the place holder your claims
  2. Publish post — this gets you a URL for the location of your claims
  3. Generate Certificate — using a generator of your choice [1][2] generate an x.509 certificate with a WebID watermark in the subjectAlternateName slot using an HTTP scheme URI based Name of the form: {Blog-Post-Permalink}#this e.g., http://kidehen.blogspot.com/2012/01/hcard-inside-post-as-identity-provider.html#this
  4. Then return to your blog post and insert a hCard snippet that mirrors the identity claims in the x.509 certificate you’ve just generated (see snippet template and example further down)
  5. Save and publish blog post
  6. Use a WebID verifier [3][4] to verify you WebID i.e., lookup your Blog post for the claims made in your x.509 certificate (specifically, that your WebID identifies the Subject of the Certificate)
  7. Done!
hCard Template:
 
  <div id=”hcard” class=”vcard”>
  <a class=”url fn” href=”{WebID}”>@peter(BrowserID 2)</a>
  <a class=”email” href=”{mailto: URI}”>{Email-Address}</a>
  <a class=”key” href=”{data: URI for Public Key in DER}”>Public Key</a>
  <a class=”key” href=”{Certificate URL}”>Public Key Ref</a>
  </div>
 
When I try it using my yorkporc.blogspot.com identity page, I get success and a return link
 
Excerpts from actual hCard snippet embedded in this (wordpress) post:

About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in webid. Bookmark the permalink.