> published a linked identity with file:///etc/hosts

https: is the preferred scheme for WebID..
any MIME type that can describe the user using RDF is supported (text/html, 
text/turtle, JSON-LD)

doc  http://csarven.ca/
user http://csarven.ca/#i (object with ID inside HTML doc):

 <address about="http://csarven.ca/#i" typeof="foaf:Person" id="i" class="vcard author">
 <span property="cert:modulus" datatype="xsd:hexBinary" content="CAF6A78D16E80F9.."></span>
 <span property="cert:exponent" datatype="xsd:integer" content="65537"></span>

 that's RDFa (attributes in HTML). in a pure data-format:

 ~ curl https://deiu.rww.io/profile/card.n3

 public-key on webpage, private-key in-browser using client-certificate support 
built-in

 http://linkeddata.github.io/signup/ worked here to create a cert + import to 
firefox/chromium

say you lose your phone, a hacker figures out there's a .p12 private-key file 
the browser will export..
if you're fast, login + change the modulus/exponent values to make the old cert 
useless, keeping your same user URI
if you run the server, you could do that even after an attacker minted a cert 
for the URI whose private-key you don't have

so it's probably best if you control the website. but rww.io and similar 
services are trying to make it easy. and maybe there'd be email-based 'key 
reset/recovery' features in some of them eventually

some servers which support this:
https://github.com/linkeddata/gold
https://github.com/linkeddata/node-ldp-httpd
https://github.com/hallwaykid/pw
https://github.com/read-write-web/rww-play
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
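
Added example, not part of the original message or of any of the servers it lists: a sketch of the profile-side check a WebID-TLS verifier makes, showing why changing the published modulus makes the old certificate useless while the user URI stays the same. The profile markup, the alice.example URI and the toy moduli are constructed; fetching the profile over https and the TLS proof of private-key possession are assumed to happen elsewhere.

```python
from html.parser import HTMLParser

VOID = {"br", "hr", "img", "input", "link", "meta"}  # tags with no end tag

class ProfileKeys(HTMLParser):
    """Collect (modulus, exponent) pairs per RDFa subject (the 'about' URI)."""
    def __init__(self):
        super().__init__()
        self.subjects = [None]  # stack of enclosing 'about' values
        self.keys = {}          # subject URI -> set of (modulus, exponent)
        self.pending = None     # modulus still waiting for its exponent

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        subject = a.get("about", self.subjects[-1])
        if tag not in VOID:
            self.subjects.append(subject)
        prop, content = a.get("property"), a.get("content") or ""
        if prop == "cert:modulus":
            self.pending = int(content, 16)  # xsd:hexBinary
        elif prop == "cert:exponent" and self.pending is not None:
            self.keys.setdefault(subject, set()).add((self.pending, int(content)))
            self.pending = None

    def handle_endtag(self, tag):
        if tag not in VOID and len(self.subjects) > 1:
            self.subjects.pop()

def webid_key_matches(profile_html, webid, cert_n, cert_e):
    """True if the profile currently lists the certificate's public key for webid."""
    parser = ProfileKeys()
    parser.feed(profile_html)
    return (cert_n, cert_e) in parser.keys.get(webid, set())

# Constructed sample values: toy moduli, not real keys; alice.example is hypothetical.
WEBID = "https://alice.example/card#i"
OLD_N, NEW_N, OTHER_N = 0xC0FFEE1234ABCD, 0xBADC0DE5678EF01, 0xDEADBEEF

def profile(n):
    """Build a profile in the style of the RDFa snippet, listing modulus n."""
    return (f'<address about="{WEBID}" typeof="foaf:Person">'
            f'<span property="cert:modulus" datatype="xsd:hexBinary" content="{n:X}"></span>'
            f'<span property="cert:exponent" datatype="xsd:integer" content="65537"></span>'
            '</address>')

if __name__ == "__main__":
    print("old cert, old profile:    ", webid_key_matches(profile(OLD_N), WEBID, OLD_N, 65537))
    print("old cert, rotated profile:", webid_key_matches(profile(NEW_N), WEBID, OLD_N, 65537))
    print("new cert, rotated profile:", webid_key_matches(profile(NEW_N), WEBID, NEW_N, 65537))
    print("unlisted key, same URI:   ", webid_key_matches(profile(OLD_N), WEBID, OTHER_N, 65537))
```

A certificate that names the URI but carries a key the profile does not list fails the same check, which is why control of the profile document decides who can log in as that URI.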
