W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2008

Re: sketch of a simple authentication protocol

From: Story Henry <henry.story@bblfish.net>
Date: Thu, 3 Apr 2008 11:15:26 +0200
Cc: Semantic Web <semantic-web@w3.org>, foaf-dev Friend of a <foaf-dev@lists.foaf-project.org>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <96CC8859-A42F-477A-A4B6-C25A9B5E3072@bblfish.net>
To: Toby A Inkster <tai@g5n.co.uk>
On 3 Apr 2008, at 10:55, Toby A Inkster wrote:
> On 2 Apr 2008, at 15:52, Story Henry wrote:
>
>> I thought it would be fun to represent your answer [1] with a  
>> Sequence Diagram to make sure I have really understood what you are  
>> saying. It is even simpler that the previous sketch.
>
>
> Yep, that's pretty much it.

great. I am now checking to see how difficult it is to get this X501  
information with Java libraries. It would be fun to get a demo going.

> An additional detail which is missing in your diagramme is: what  
> happens if Romeo's client doesn't send an Agent-Id header (I used  
> HTTP "From" header originally, but it doesn't really matter what the  
> header is called) or Juliette decides she doesn't trust Romeo. I  
> originally specified that a simple copy of the public profile should  
> be returned, but instead I think perhaps a 302 redirect back to the  
> public profile is more appropriate.

makes sense. I'll add a note in the commentaries if I can get this to  
work.

> Also, I'd like to make a bid to explicitly allow XHTML+RDFa to be  
> used for the public profiles (and if implementations are going to  
> need to support it for public profiles, we might as well also allow  
> it for private profiles!). With that in place, a person can decide  
> to use the same URI for:
>
> 	* their (human-readable) homepage;
> 	* their FOAF profile for use in this protocol; and
> 	* their OpenID identifier.

Of course. In the initial sketch I had made that explicit. Any RDF  
representation, including GRDDLEable Xml should be ok.

> If we insisted that their profile URI be RDF/XML, then that couldn't  
> happen (except perhaps with some sort of content negotiation going  
> on  I've not thought out the details).

Well the beautify of semantics is that we can abstract on the  
representation.
:-)

Henry

> -- 
> Toby A Inkster
> <mailto:mail@tobyinkster.co.uk>
> <http://tobyinkster.co.uk>
>
>
>



Received on Thursday, 3 April 2008 09:16:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:46 GMT