- From: Baptiste Lafontaine <baptiste33@gmail.com>
- Date: Wed, 25 Jan 2012 17:11:57 +0100
- To: Mischa Tuffield <mischa@mmt.me.uk>
- Cc: public-webid@w3.org
2012/1/25 Mischa Tuffield <mischa@mmt.me.uk>: > Hello, > > After Melvin pointed me at his/a calendar APP (very cool btw) [1], I noticed that I managed to authenticate with my WebID[2] even though my cert had expired on 2012-01-17, am guessing this is not a feature and it shouldn't be the case. > > I have tested this expired cert on the following services, which I found on the WebID Test Suite[3]: Isn't it the role of the TLS stack to make this verification ? > https://auth.fcns.eu/auth/index.php?verbose=on (Failed to notice that my cert was expired) > https://id.myopenlink.net/webid_demo.html?webid=http%3A%2F%2Fmmt.me.uk%2Ffoaf.rdf%23mischa (Failed to notice that my cert was expired) > https://foafssl.org/test/WebId (This service noticed that my cert was expired) > https://resourceme.bergnet.org/test.php (My browser didn't even ask me for a cert in this case) > https://webid.turnguard.com:8443/WebIDTestServer/onlywithcert (This service noticed that my cert was expired) > > I just thought I would say :) > > Great work everyone, > > Mischa *needs to generate a new cert I guess $todoList++. > > [1] http://calendar.data.fm/ > [2] http://mmt.me.uk/foaf.rdf#mischa > [3] http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#Some_WebID_Verification_Sites > _____________________________ > Mischa Tuffield PhD > http://mmt.me.uk/ > http://mmt.me.uk/foaf.rdf#mischa > > > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBAgAGBQJPICFzAAoJEJ7QsE5R8vfvIR0QALVjKBoU8+WheQJyQ+bAG7et > uHfzUJVZ78ZqEGaoUyLmvR3Lwp+oGMYYe4IGE5XFi5SgEejdALNAKCWw6Rlckp4G > yoaM2nMix8dSRuhOcdzwI5TQFHyDf7hcvWKcF+WQaDwv74YlhdW+90OMIbf34HPI > F0x+xHwPllU5/wK+I9Wz7c8nADZd8dNLUd+Maw1ZLFmso/fAb0wLsxRFU6lZ/Zeu > XF1bBcrJfeJth52PNclYYdP+VR9szNSYOsLBwJvOXb3nhwJEEN+txeKn4iafo7ai > yiDwBIO5rTtv7oPC3P31PVqj/cYcZE2oiwpnPLt4Q1mJuDdfNAvsSj2O+Crf1Bpe > wm90JXJqJ+JiScuI8DNBmWaObvtNssOLNz1sYfxKBXNkuSAKnWUyUx4yermpDSZC > muWa6svB00GA+IEKMqb8Ko3rRZNxTGs4cgHIP2S+5s7a3oed6y/rshXzNDATe8ST > Z65McgOsJJ+jhYhtvsRUFkLcrTqLonn+KOThSanx82NFms/yQzrotOtaj6KJy0Gk > HF3QCIwFy1vDL2QLcUSXAUfGSBgWO3DwxkTmoEWmZGG2C5+F8WWbj/y8L6k6OkLS > sSJDq9jOGEbanhv6UkbLatPq5gOwIm7kGNjI+g6aTZcaXZURmLxe2gM0Y+PC4fGJ > sUgBwyP2MCEVLBNQpgaC > =bXGS > -----END PGP SIGNATURE----- >
Received on Wednesday, 25 January 2012 16:13:03 UTC