W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: Matter of DN and what's possible

From: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
Date: Mon, 09 Jan 2012 22:27:34 +0100 (CET)
To: Henry Story <henry.story@bblfish.net>
Cc: Kingsley Idehen <kidehen@openlinksw.com>, public-xg-webid@w3.org
Message-ID: <1a8e5a5a-d72b-436e-b4f8-5ed458126959@zcs>
henry, it's slightly different,

i fixed a bug, that my NoRSAPublicKeyFoundException was NOT thrown,
in case of no statements about the claimed webID were found (a white screen was shown)

i'm using HttpURLConnection that sends #s to nowhere :) and i didn't have any problem with hashes ever.

sample :

1. in the cert there is the claim "http://2sea.org/sea.rdf#j" (please notice that this is sea.=> rdf <= and not the famous sea.jsp#j example)
2. look at the source of the above mentioned uri, there is NO statement about "http://2sea.org/sea.rdf#j" but only about "http://2sea.org/sea.rdf".

when validating, we need to retrieve statements about the claim, only in the above example there are none.

so this has nothing to do with sending or not-sending #, but it's simply about the fact there is nothing about the claim in the retrieved document,
in such a case now the NoRSAPublicKeyFoundException is correctly thrown.


to me it's quite clear what kingsley intends (i think at least, please correct me if i'm wrong) : 

a distinction between the location of the WebIDClaim and the claim itself. i personally think we're doing it anyway
with the hashes, but it's not that clear, because the location and the claim look very similar.

when you say i'm using the webidClaim http://2sea.org/sea.jsp#j then you ARE saying TWO things : first, where to find
the webIDClaim (@ http://2sea.org/sea.jsp) and second, what subject to look for @ the mentioned location (=http://2sea.org/sea.jsp#j)

and i think he is referring to the possibilities that open up when this is not limited to hash-uris.

wkr j



----- Original Message -----
From: "Henry Story" <henry.story@bblfish.net>
To: "Jürgen Jakobitsch" <j.jakobitsch@semantic-web.at>
Cc: "Kingsley Idehen" <kidehen@openlinksw.com>, public-xg-webid@w3.org
Sent: Monday, January 9, 2012 10:03:32 PM
Subject: Re: Matter of DN and what's possible


On 9 Jan 2012, at 19:53, Jürgen Jakobitsch wrote:

> hi,
> 
> just a short in-between-question :
> 
> are we talking about something like the bug i fixed today (see one of my last mails)
> with this example-uri :
> 
> webIDClaim (in the cert): http://2sea.org/sea.rdf#j
> 
> where the location of document is @ http://2sea.org/sea.rdf but there are only statements about http://2sea.org/sea.rdf,
> in which case i could verify the claim, if i had two fields in the cert, the location of the document and resource which is
> to be verified?

No, that bug was nicely fixed by your server removing the # from the URL as per HTTP spec.

What Kingsely wants to do is still not clear.

Henry

> 
> wkr j
> 
> ----- Original Message -----
> From: "Kingsley Idehen" <kidehen@openlinksw.com>
> To: public-xg-webid@w3.org
> Sent: Monday, January 9, 2012 7:42:27 PM
> Subject: Re: Matter of DN and what's possible
> 
> On 1/9/12 1:35 PM, Henry Story wrote:
>> Ok. So now you have two URLs where before we had one. That is why the previous talk about URIs being a luxury does not make sense. Your solution requires more of them.
>> 
>>>>>> And if it is a URL then why is that not just the place of a WebID then?
>>>> 
>>>> Because you will ultimately quibble about its complexity.
>> Why, I have always supported multiple SANs in the certificate. No issue there.
>> 
>  One point re. the above. Imagine the following scenario:
> 
> I have a sparql construct URL as my address (and compacted using a
> shortener), and a HTTP URI based Name as the subject Name. Both URIs
> placed in SAN of my x.509 cert. Would your verifier work? Do you deem
> this acceptable re. WebID spec as it currently stands?
> 
> Note: the SPARQL URL resolves to a description graph. The other URI is
> the Subject described by said graph.
> 
> --
> 
> Regards,
> 
> Kingsley Idehen	
> Founder&  CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> 
> 
> 
> 
> 
> 
> 
> --
> | Jürgen Jakobitsch,
> | Software Developer
> | Semantic Web Company GmbH
> | Mariahilfer Straße 70 / Neubaugasse 1, Top 8
> | A - 1070 Wien, Austria
> | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22
> 
> COMPANY INFORMATION
> | http://www.semantic-web.at/
> 
> PERSONAL INFORMATION
> | web   : http://www.turnguard.com
> | foaf  : http://www.turnguard.com/turnguard
> | skype : jakobitsch-punkt
> 

Social Web Architect
http://bblfish.net/


-- 
| Jürgen Jakobitsch, 
| Software Developer
| Semantic Web Company GmbH
| Mariahilfer Straße 70 / Neubaugasse 1, Top 8
| A - 1070 Wien, Austria
| Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22

COMPANY INFORMATION
| http://www.semantic-web.at/

PERSONAL INFORMATION
| web   : http://www.turnguard.com
| foaf  : http://www.turnguard.com/turnguard
| skype : jakobitsch-punkt
Received on Monday, 9 January 2012 21:28:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 January 2012 21:28:09 GMT