Check the validity of a DigitalKey

The general way to proceed is to send a query to our directory service. Copy the following link, paste it in your browser, and add at the end of the link the "e-mail address" or "Common name" of a given DigitalKey. Alternatively, ou may also use your favorite #AddressBook

Example with e-mail address search
The link to copy
ldap://directory.openosi.org/ou=VirtualPeople,dc=openosi,dc=org??sub?mail=
The link in your browser updated with an e-mail address someone@example.com
ldap://directory.openosi.org/ou=VirtualPeople,dc=openosi,dc=org??sub?mail=someone@example.com

or ldap://directory.openosi.org/ou=VirtualPeople,dc=openosi,dc=org??sub?uid=someone@example.com

Example with common name search
The link to copy
ldap://directory.openosi.org/ou=VirtualPeople,dc=openosi,dc=org??sub?cn=
The link in your browser updated with a Common Name cn=SomeOne
ldap://directory.openosi.org/ou=VirtualPeople,dc=openosi,dc=org??sub?cn=SomeOne

SomeOne is not case sensitive ("SomeOne" is the same as "someone")
FirstnameLastname is the general form of a Common name (which is a kind of UID or login name)
Common Name is abbreviated by "cn" and is inside your DigitalKey subject (use your browser options to get it)

For advanced users, the general form of a query to our directory (directory.openosi.org) is an LDAP request, all standard parameters are accepted. BUT you only get one answer (not a list). This is because this directory is intended for Identity Check, not for general search. Of course you may use any LDAP tool instead of your browser. We recommend this open source one

Note: If you have multiple virtual identities under the same common name, this search will only returns the first one, to get the others you MUST know the corresponding E-mail address.

Example with address book search

The settings are similar in all address books, you have to follow these steps

1. Locate the settings (in outlook express it is Tools / account / add directory service ...)
2. Update the Internet directory server name directory.openosi.org
3. Update the port number of that directory server 389 this is default value
4. Update search base ou=microsoftwab,ou=cards,dc=openosi,dc=org

• Note that maximum number of matches to return is forced to 1 whatever number you enter
• Option: If you are an advanced user try to use port 636 for encrypted exchanges using your digital key
• Option: If you are an advanced user try to authentify with your DigitalKey (not UserName and UserPassword)

Then set the order of this directory server in the directory servers list that comes with your address book. You are ready to launch a search using e-mail address, Last name or Common name, or whatever. Check the more detailed procedure for #OutlookExpress

For others address books check here

You can check any DigitalKey (the public part)

You may have three reasons to check the validity of a DigitalKey

• Ensuring that a given virtual identity exists
• Retrieving the public key of some one to encrypt data for him before sending
• Check if a given DigitalKey is still valid (not revoked by th owner)

Ensuring that a given virtual identity exists

If you have the e-mail address of some one, AND you know that this address is protected by a openosi.org DigitalKey you may check the DigitalKey and retrieve the corresponding e-mail address, ensuring that way that tsi e-mail address really exists.

Retrieving the public key of some one

If you know that someone has an openosi.org DigitalKey, you may retrieve the public part of that key (the public key), and store it in a file or in an address book entry. Then you will be able to encrypt data with this public key before sending them. Only the recipient can, with it's private key decrypt the data. Many tools are available, check this link

Check if a given DigitalKey is still valid

When the owner of a DigitalKey thinks that it was compromised, he can revoke the validity of that DigitalKey and get a new one. Others cases of revocation exist. You can check against the directory if a DigitalKey is still valid or has changed. It is also possible that the DigitalKey expired. This could be the case when Identification is linked to a kind of membership or renewal fees.

Outlook express address book settings

The procedure is the same for all versions of Outlook Express but not for Outlook XP/2003 check and replace with appropriate values

• Standard Procedure:
  1. Start Outlook express.
  2. Click on the Tools menu and select Accounts .
  3. In the Internet Accounts window, click on the Directory Service tab.
  4. Click the Add button, and select Directory Service .
  5. This will start the Internet Connection Wizard. In the Internet Directory (LDAP) server: field, enter directory.openosi.org , and click Next.
  6. When presented with the option to "check addresses using this directory service", select No and click Next .
  7. Click Finish .
  8. In the Internet Accounts window, under the Directory Service tab, double-click on directory.openosi.org
  9. In the directory.openosi.org Properties window, click on the Advanced tab .
  10. In the Search base field, enter ou=VirtualPeople,dc=openosi,dc=org
  11. Click OK .
  12. Click Close in the Internet Accounts window.

• This completes the configuration. To initiate an LDAP query:
  1. Click on the Tools menu and select Address Book.
  2. Click on the Find People button inside the Address Book window.
  3. From the drop-down list labelled Look in: select directory.openosi.org
  4. Under the People tab, enter the text of your query (the name you want to search for) into the Name: field, and click the Find Now button (it is better to use e-mail address to get the DigitalKey).
  5. Results will appear below.