W3C home > Mailing lists > Public > public-xg-webid@w3.org > October 2012

Re: WebID-ISSUE-64 (redirects): Redirects [WebID Spec]

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Tue, 09 Oct 2012 17:11:55 -0400
Message-ID: <5074931B.9070102@openlinksw.com>
To: public-xg-webid@w3.org
On 10/9/12 3:47 PM, Henry Story wrote:
> On 9 Oct 2012, at 20:28, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>
>> On 10/9/12 1:58 PM, Henry Story wrote:
>>> I opened this issue now:
>>>    https://www.w3.org/2005/Incubator/webid/track/issues/64
>>>
>>> Please come up with some text, and help along. It's a difficult issue.
>>>
>>> We need text for
>>>
>>>    a- what happens when a redirect moves from http to https  (security section)
>>>    b- how to resolve urls in remote documents that were reached by redirects
>>>    c- whether the WebID itself changes if redirected???
>>>    d- a note on reasonable numbers of redirects to follow and pointer to http spec
>>>
>>>   I am not sure I have an answer for c.
>> If the WebID changes, and there's no inference in play (e.g., owl:sameAS), it has to be invalid. That's the nature of the underlying semantics of this identity verification protocol.
> What would be useful would be some justfication for that statement.
> An example would help. Take a WebID
>
>     http://joe.example/#me
>
>
> We dereference
>    http://joe.example/
> which redirects with 303 to
>    http://joe.example/people/card
> which redirects with 301 to
>    http://joe.org/people/card
>
> Does that now mean that
>
>    http://joe.example/#me owl:sameAs http://joe.org/people/card#me ?

Is there an public key and webid relationship in the final document that 
matches what's in the x.509 certificate used in the TLS handshake? The 
path doesn't determine the semantics of the pivotal relationship between 
a webid and public key.

>
> Is there ever a case where that is the case?
It's possible, but still doesn't invalidate what I've stated above.

> Is there any standard we can point to to make our case either way?

As the owner of a WebID (a de-referencable URI) used to watermark an 
X.509 cert.  I control the route to the graph that validates my identity 
claims using the WebID protocol. That's what this protocol is about, 
semantically :-)


Kingsley
>
> Henry
>
>
>>> Henry
>>
>> -- 
>>
>> Regards,
>>
>> Kingsley Idehen	
>> Founder & CEO
>> OpenLink Software
>> Company Web: http://www.openlinksw.com
>> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
>> Twitter/Identi.ca handle: @kidehen
>> Google+ Profile: https://plus.google.com/112399767740508618350/about
>> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>>
>>
>>
>>
>>
> Social Web Architect
> http://bblfish.net/
>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen







Received on Tuesday, 9 October 2012 21:12:18 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:31 UTC