W3C home > Mailing lists > Public > public-solid@w3.org > March 2019

Re: header to allow webid tls on servers

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 15 Mar 2019 18:28:07 +0100
Message-ID: <CAKaEYh+StCw_fysn=3NE6HovuW6Vfhwf9tdOBU14cwiBA4GTpg@mail.gmail.com>
To: Kingsley Idehen <kidehen@openlinksw.com>
Cc: public-solid@w3.org
On Fri, 15 Mar 2019 at 17:34, Kingsley Idehen <kidehen@openlinksw.com>
wrote:

> On 3/15/19 2:46 AM, Melvin Carvalho wrote:
> > as a long time user of solid servers, there is one feature that I cant
> > live without
> >
> > and that is the ability to authenticate to a server using WebID / TLS
> >
> > what this means is that with a simple curl statement and attaching a
> > certificate you are able to use solid server to server, which is the
> > bulk of my work flow
> >
> > recent additions to the authentication suite, involved adding of
> > webid-oidc, which was promised as an addition, rather than, a replacement
> >
> > I have tried on a number of occasions to use OIDC with TLS, and it's
> > not ready, and frankly a large time sink
> >
> > However, kingsley has been using for some time an innovative
> > approach.  Add a certain header to your curl request and the server
> > will allow TLS authentication.  This is in line with the
> > authentication enhancement that was pitched for solid -- namely oidc
> > to become a point of flexibility.
> >
> > Mainly a question for Kingsley and the group.  How is this achieved?
> > Kingsley has stated informally a few times that he sends a webid tls
> > header.  I need this feature to work.  But two questions
> >
> > 1. What is the name of the header?  Should we try to standardize the
> > naming in this group?
> >
> > 2. How to patch a server so that it will make use of this functionality.
> >
> > What the eventual end product would is something like
> >
> > curl -H "Header : Value" --cert C --key C  URI
> >
> > And you're done.  Most solid servers do this out of the box already.
> > But for those that dont, this would be very useful in allowing server
> > to server or at least, command line to server requests.
>
>
> Hi Melvin,
>
> The header is: webid-tls .
>
> Accepted value: yes  .
>
>
> This is what we use in our NSS fork.
>
> https://github.com/OpenLinkSoftware/node-solid-server


Noting there is an open issue here

https://github.com/OpenLinkSoftware/node-solid-server/issues/8

And the value is "true" rather than "yes" -- is "true" preferred?


>
>
> --
> Regards,
>
> Kingsley Idehen
> Founder & CEO
> OpenLink Software
> Home Page: http://www.openlinksw.com
> Community Support: https://community.openlinksw.com
> Weblogs (Blogs):
> Company Blog: https://medium.com/openlink-software-blog
> Virtuoso Blog: https://medium.com/virtuoso-blog
> Data Access Drivers Blog:
> https://medium.com/openlink-odbc-jdbc-ado-net-data-access-drivers
>
> Personal Weblogs (Blogs):
> Medium Blog: https://medium.com/@kidehen
> Legacy Blogs: http://www.openlinksw.com/blog/~kidehen/
>               http://kidehen.blogspot.com
>
> Profile Pages:
> Pinterest: https://www.pinterest.com/kidehen/
> Quora: https://www.quora.com/profile/Kingsley-Uyi-Idehen
> Twitter: https://twitter.com/kidehen
> Google+: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn: http://www.linkedin.com/in/kidehen
>
> Web Identities (WebID):
> Personal: http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i
>         :
> http://id.myopenlink.net/DAV/home/KingsleyUyiIdehen/Public/kingsley.ttl#this
>
>
>
Received on Friday, 15 March 2019 17:28:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:26:39 UTC