Re: WebID verification services from Timothy Holborn on 2014-11-03 (public-webid@w3.org from November 2014)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Mon, 3 Nov 2014 20:52:09 +1100
To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: public-webid <public-webid@w3.org>
Message-ID: <CAM1Sok1mj7-2Y0b1Tdj2A1VQLC9=o3=PnQxoSF8jOw6OuwozRg@mail.gmail.com>

I Sorry for the possibly lay question.

i note TimBL's WebID has a Creative Commons attribution to it [1].  Is
there currently a way to assert some sort of signature to the file?


[1] http://www.w3.org/People/Berners-Lee/card.filename



On 31 October 2014 23:48, Melvin Carvalho <melvincarvalho@gmail.com> wrote:

> I was showing someone webid this week, and trying to debug using the
> verification services
>
>
> http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#Some_WebID_Verification_Sites
>
> They are all down!
>
>
>    - FCNS <https://auth.fcns.eu/>
>
> cant connect
>
>
>
>    - foaf-ssl server <https://foafssl.org/test/WebId>
>
> 404
>
>    - Simple MyOpenLink.NET hosted Verification Service
>    <https://id.myopenlink.net/webid_demo.html>
>
> times out
>
>    - ResourceMe <https://resourceme.bergnet.org/test.php>
>
> is there but does not request a cert
>
>    - TurnGuard <http://webid.turnguard.com/WebIDTestServer/debug>
>
> blank page
>
>    - Django WebIDAuth <https://webidauth.rhizolab.org/test/login> earl
>    <https://webidauth.rhizolab.org/test/WebIDTest>
>
> cant connect
>
> I've been using one not mentioned at (
> https://auth.my-profile.eu/auth/index.php?verbose=on ) and also my local
> version of GOLD has helped debug.
>
> To outsiders coming to that page WebID + TLS looks abandoned.
>
> Would be great if anyone with an implementation could update the wiki.
>
> Now that leads me to my next point.
>
> I realized that certificates can (and should) be given a URI.  Today they
> are operating like blank nodes and pointing to a URI.  But they can quite
> easily be given a URI based on their fingerprint.
>
> ni:///sha-1;<fingerprint>
>
> I've started to do this, and it would be really nice if test pages could
> do the same?
>
> Why do this?
>
> - Because now I can send money to a cert that can be received or spent via
> HTTP 402
>
> - Certs can now be marked / signed by other users creating a webby WoT
> e.g. (
> http://klaranet.com/recent?uri=ni%3A%2F%2F%2Fsha-1%3B67cd5112e23b047fff4234a1720956055e215db9
> )
>
> - Anything of significance on the web should be given a URI (axiom 0),
> allowing unexpected reuse
>
> - This allows anonymous webids* to be created, something other groups have
> asked for
>
> - This allows webids* to be created on demand without the need of a home
> page
>
> - This allows one time webids to be created
>
> etc.
>
> *I use the term webid with a small 'w' to indicate anyURI, not the brand
> 'W' WebID which is an agent serving turtle
>
>
> Proposal
>
> - Update test suites where possible to include a URI
> - Use cert fingerprint prefixed with ni:///sha-1; as per RFC 6920 - Naming
> Things with Hashes
>
>
>

Received on Monday, 3 November 2014 09:52:37 UTC