On May 16th I had a discussion with Melvin Carvalho about client side certificates on https://gitter.im/linkeddata/chat . I was not sure what they were, so I dug up some papers to try to understand it. I found "Using RDF Metadata to Enable Access Control on the Social Semantic Web" [1] and "FOAF+SSL: RESTful Authentication for the Social Web" [2]. I was trying to understand how Node SOLID Server [3] was set up because I was getting authentication an authorization errors.
Fortunately, I just found a document called "Client Side certificates" [4] by Tim Berners-Lee and a spec called "WebID-TLS" [5] .
[1] http://dig.csail.mit.edu/2009/Papers/ISWC/rdf-access-control/paper.pdf
[2] http://dig.csail.mit.edu/2009/Papers/SPOT/foaf-ssl-spot2009.pdf
[3] https://github.com/solid/node-solid-server
[4] https://www.w3.org/DesignIssues/Security-ClientCerts.html
[5] https://www.w3.org/2005/Incubator/webid/spec/tls/
Also note that mentioned in client side certificates is deprecated [1]. Perhaps we can fight for it as timbl suggests.
ReplyDelete[1] https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen