Re: [foaf-protocols] HTTP request header field for acceptable authentication methods

From: Joe Presbrey <presbrey@csail.mit.edu> · Date: Sat, 5 Nov 2011 09:03:32 -0400

WebID is an ID verified by the metadata available at its web address.

It does not exclude SSLv3, require TLS or X509.

Short and simple is better.

In practice I think most people will eg. keep mod_ssl separate from
mod_authn_webid.

Best wishes,

Joe Presbrey

On Fri, Nov 4, 2011 at 9:45 PM, Peter Williams <home_pw@msn.com> wrote:
> So what is webid vs webid-tls?
>
> Does webid tls exclude ssl v3?
>
> I ask as only very specific agendas call for the elimination of ssl v3. Only .001%  of the users know the difference, and less than half of those can accurately state it.
>
>
> On Nov 4, 2011, at 2:28 AM, "Mark Nottingham" <mnot@mnot.net> wrote:
>
>>
>> On 04/11/2011, at 9:34 AM, bergi wrote:
>>>
>>> Authentication Scheme
>>>
>>> I was thinking about this a little bit more and now I'm not sure if we
>>> should use WebID or WebID-TLS or even something else. From the
>>> terminology point of view WebID-TLS would fit better.
>>>
>>> HTTPBis, part 7, section 2.3 [1] points to a link on the IANA web site
>>> which is dead [2]. I haven't found a new URL. Somebody knows if this
>>> page has moved somewhere else?
>>
>> That link is dead because HTTPbis hasn't been through the entire process yet; the IANA registries will be established later on.
>>
>> Cheers,
>>
>> --
>> Mark Nottingham   http://www.mnot.net/
>>
>>
>>
>> _______________________________________________
>> foaf-protocols mailing list
>> foaf-protocols@lists.foaf-project.org
>> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols@lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>