Re: Google adds JSON-LD support to Gmail from Sandro Hawke on 2013-05-22 (public-linked-json@w3.org from May 2013)

From: Sandro Hawke <sandro@w3.org>
Date: Wed, 22 May 2013 18:43:15 -0400
To: Melvin Carvalho <melvincarvalho@gmail.com>
CC: Markus Lanthaler <markus.lanthaler@gmx.net>, Dan Brickley <danbri@danbri.org>, RDF-WG Group <public-rdf-wg@w3.org>, Linked JSON <public-linked-json@w3.org>
Message-ID: <519D4A03.6020300@w3.org>

On 05/22/2013 05:35 PM, Melvin Carvalho wrote:
>
>
>
> On 22 May 2013 23:19, Markus Lanthaler <markus.lanthaler@gmx.net 
> <mailto:markus.lanthaler@gmx.net>> wrote:
>
>     On Thursday, May 16, 2013 4:48 PM, Dan Brickley <danbri@danbri.org
>     <mailto:danbri@danbri.org>> wrote:
>     > A couple of points on this:
>     > 1. We (Google) can parse this if written
>     @context="http://schema.org"
>     > and we'll find a way to document that.
>
>     Would it be possible to document that as the preferred way of
>     doing it? I think most people just copy and paste that part anyway
>     so it wouldn't really matter in my opinion. You can still continue
>     to support "schema.org <http://schema.org>" but suggest people to
>     use "http://schema.org"
>
>     What actually worries me much more is that there isn't a context a
>     http://schema.org. Even if I do a GET and accept only
>     application/ld+json I get back an HTML page. Will that be fixed?
>
>
>     > 2. We'd also like to start a conversation about allowing the
>     simpler,
>     > shorter form by defaulting to http:// if not present.
>
>     We could certainly do that but that would mean that we would lose
>     the ability to use relative URLs to reference contexts which I
>     think is very handy for a large number of use cases.
>
>
> It may be slightly better to standardize in https, rather than http, 
> since schema.org <http://schema.org> is used for ecommerce too.  I 
> dont think there's currently any known attack vector based on MITM of 
> a vocab, but one may emerge in future.

+1     https is a pain, but it's looking like pain we have to endure.

(all the http://www.w3.org vocabs are available at https://www.w3.org, 
but of course in RDF those are different symbols.  I don't know what to 
do about that, but we should probably start thinking about it.    I 
wonder if it makes sense for people to just start trying the https 
version of any http URL when they are dereferencing in a sensitive 
app.    Strictly speaking, there's no requirement that https:foo and 
http:foo be related resources, but it seems like a very good and common 
practice.)

          -- Sandro
>
>
>
>
>     --
>     Markus Lanthaler
>     @markuslanthaler
>
>
>

Received on Wednesday, 22 May 2013 22:43:28 UTC