Re: Editing a Web Access Contrl Spec? Was: Simple WebID, WebID+TLS Protocol, and ACL Dogfood Demo from Kingsley Idehen on 2013-08-09 (public-lod@w3.org from August 2013)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 09 Aug 2013 18:18:05 -0400
To: Henry Story <henry.story@bblfish.net>
CC: "public-lod@w3.org Data" <public-lod@w3.org>, "public-webid@w3.org" <public-webid@w3.org>
Message-ID: <52056A9D.9050306@openlinksw.com>

On 8/9/13 2:46 PM, Henry Story wrote:
> On 9 Aug 2013, at 19:34, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>
>> On 8/9/13 12:55 PM, Hugh Glaser wrote:
>>> Thanks.
>>> I've looked at quite a bit of this stuff, but still don't see where the ACL document gets stored and used.
>> As per my setup [1] the ACLs reside in a document. Of course, they can also reside inside a DBMS/store e.g., in a named graph.
> What you should have is a link header from the document to the acl document.
> http://www.w3.org/wiki/WebAccessControl suggests using the meta link header.

Yes, that's a regression in the current implementation as proven by the 
cURL requests against the two ACL protected resources below:

curl -I 
http://kingsley.idehen.net/DAV/home/kidehen/Public/Linked%20Data%20Documents/WebID-ACL-Demos/
HTTP/1.1 200 OK
Server: Virtuoso/06.04.3138 (Linux) x86_64-generic-linux-glibc25-64 VDB
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Aug 2013 22:13:54 GMT
Accept-Ranges: bytes
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: -1;
Content-Length: 40139

curl -I 
http://kingsley.idehen.net/DAV/home/kidehen/Public/Linked%20Data%20Documents/WebID-ACL-Demos/RWW-Crew.ttl
HTTP/1.1 303 See Other
Server: Virtuoso/06.04.3138 (Linux) x86_64-generic-linux-glibc25-64 VDB
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Aug 2013 22:14:37 GMT
Accept-Ranges: bytes
Location: 
http://kingsley.idehen.net/describe/?uri=http%3A%2F%2Fkingsley.idehen.net%2FDAV%2Fhome%2Fkidehen%2FPublic%2FLinked%2520Data%2520Documents%2FWebID-ACL-Demos%2FRWW-Crew.ttl
Content-Length: 0

>
> When talking about this with Alexandre Bertails he thought that rel="meta" was
> not the right relation and that rel="acl" would be more correct.

Yes.

It will be fixed.

>
> I'd be for developing a simple document alongside the WebID, WebID TLS and
> Cert ontology that explains Web Access control in a nice W3C document.

Great!

> We now have a few implementations of Web Access Control, and it seems to
> be working well enough. It's a key feature to understand linked data and
> WebID.

Yep!


>
> Henry
>
>
> Social Web Architect
> http://bblfish.net/
>
>
>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Friday, 9 August 2013 22:18:31 UTC