- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Tue, 05 Apr 2011 09:46:09 -0400
- To: Henry Story <henry.story@bblfish.net>
- CC: bergi <bergi@axolotlfarm.org>, WebID XG <public-xg-webid@w3.org>, clerezza-dev@incubator.apache.org
On 4/5/11 9:34 AM, Henry Story wrote: > On 5 Apr 2011, at 15:26, Kingsley Idehen wrote: >> On 4/5/11 5:09 AM, Henry Story wrote: >>> I put an initial Clerezza servers up on bblfish.net with the WebId test endpoint running here: >>> >>> https://bblfish.net:8443/test/WebId [1] >>> >>> This will show you >>> >>> - the public key from the certificate you used, if any >>> - for each claimed WebId: >>> which were verified, failed or are still unverified >>> (that last option is to allow for asynchronous WebId checking ) >> [snip] >> Henry, >> >> Works fine with my "http:" scheme based WebID but doesn't seem to do so with my "mailto:" and "acct:" scheme based WebIDs. Anyway, I'll double check a few things on my side re. these non "http:" scheme based WebIDs just in case something else is amiss. > Nothing is amiss: I don't implement those yet, and they are not speced out carefully yet. Something is amiss since you shouldn't be implementing anything. All you should be doing is asking the IdP to verify the Identity in the security token (X.509 cert). You shouldn't be doing that yourself i.e., in your coe, hence the problem :-) > That would be the purpose of such a test suite to test though. Just how many features are implemented by a server. A Relying Party (the one seeking to verify Identity re. resource access) asks the IdP (the identity token issuer and verifier) to verify an Identity, it shouldn't be doing the IdPs job via local code, which seems to be the case here. Kingsley > Henry > >> >> Kingsley > Social Web Architect > http://bblfish.net/ > > > -- Regards, Kingsley Idehen President& CEO OpenLink Software Web: http://www.openlinksw.com Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca: kidehen
Received on Tuesday, 5 April 2011 13:46:37 UTC