Re: header to allow webid tls on servers from Kingsley Idehen on 2019-03-15 (public-solid@w3.org from March 2019)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 15 Mar 2019 14:01:18 -0400
To: public-solid@w3.org
Message-ID: <2ec3c703-1301-c341-586d-11d5b458b91d@openlinksw.com>

On 3/15/19 1:28 PM, Melvin Carvalho wrote:
>
>
> On Fri, 15 Mar 2019 at 17:34, Kingsley Idehen <kidehen@openlinksw.com
> <mailto:kidehen@openlinksw.com>> wrote:
>
>     On 3/15/19 2:46 AM, Melvin Carvalho wrote:
>     > as a long time user of solid servers, there is one feature that
>     I cant
>     > live without
>     >
>     > and that is the ability to authenticate to a server using WebID
>     / TLS
>     >
>     > what this means is that with a simple curl statement and attaching a
>     > certificate you are able to use solid server to server, which is the
>     > bulk of my work flow
>     >
>     > recent additions to the authentication suite, involved adding of
>     > webid-oidc, which was promised as an addition, rather than, a
>     replacement
>     >
>     > I have tried on a number of occasions to use OIDC with TLS, and it's
>     > not ready, and frankly a large time sink
>     >
>     > However, kingsley has been using for some time an innovative
>     > approach.  Add a certain header to your curl request and the server
>     > will allow TLS authentication.  This is in line with the
>     > authentication enhancement that was pitched for solid -- namely oidc
>     > to become a point of flexibility.
>     >
>     > Mainly a question for Kingsley and the group.  How is this
>     achieved? 
>     > Kingsley has stated informally a few times that he sends a webid tls
>     > header.  I need this feature to work.  But two questions
>     >
>     > 1. What is the name of the header?  Should we try to standardize the
>     > naming in this group?
>     >
>     > 2. How to patch a server so that it will make use of this
>     functionality.
>     >
>     > What the eventual end product would is something like
>     >
>     > curl -H "Header : Value" --cert C --key C  URI
>     >
>     > And you're done.  Most solid servers do this out of the box
>     already. 
>     > But for those that dont, this would be very useful in allowing
>     server
>     > to server or at least, command line to server requests.
>
>
>     Hi Melvin,
>
>     The header is: webid-tls .
>
>     Accepted value: yes  .
>
>
>     This is what we use in our NSS fork.
>
>     https://github.com/OpenLinkSoftware/node-solid-server
>
>
> Noting there is an open issue here
>
> https://github.com/OpenLinkSoftware/node-solid-server/issues/8
>
> And the value is "true" rather than "yes" -- is "true" preferred? 
>  


My bad.

"true" is the value rather than "yes".

-- 
Regards,

Kingsley Idehen       
Founder & CEO 
OpenLink Software   
Home Page: http://www.openlinksw.com
Community Support: https://community.openlinksw.com
Weblogs (Blogs):
Company Blog: https://medium.com/openlink-software-blog
Virtuoso Blog: https://medium.com/virtuoso-blog
Data Access Drivers Blog: https://medium.com/openlink-odbc-jdbc-ado-net-data-access-drivers

Personal Weblogs (Blogs):
Medium Blog: https://medium.com/@kidehen
Legacy Blogs: http://www.openlinksw.com/blog/~kidehen/
              http://kidehen.blogspot.com

Profile Pages:
Pinterest: https://www.pinterest.com/kidehen/
Quora: https://www.quora.com/profile/Kingsley-Uyi-Idehen
Twitter: https://twitter.com/kidehen
Google+: https://plus.google.com/+KingsleyIdehen/about
LinkedIn: http://www.linkedin.com/in/kidehen

Web Identities (WebID):
Personal: http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i
        : http://id.myopenlink.net/DAV/home/KingsleyUyiIdehen/Public/kingsley.ttl#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Friday, 15 March 2019 18:01:51 UTC