- From: Andrei Sambra <andrei@fcns.eu>
- Date: Fri, 13 Jul 2012 09:50:47 +0200
- To: Mitko Iliev <imitko@openlinksw.com>
- CC: public-webid@w3.org, Kingsley Idehen <kidehen@openlinksw.com>, Sebastian Trueg <trueg@openlinksw.com>
Hi Mitko, On 07/12/2012 11:26 PM, Mitko Iliev wrote: >>> 2. Returned URI does not conform to foafssl.org <http://foafssl.org> >>> and auth.my-profile.eu <http://auth.my-profile.eu>. These are param >>> names retuned by the services mentioned above: >>> > > When this become a standard for params and returned values ? It was never a standard, it was just the way foafssl.org described an authenticated user, so that libAuthentication could understand. Given that foafssl.org was the first service of this kind, I (auth.my-profile.eu) followed in its steps in order to be compatible with libAuthentication and existing implementations. We should indeed have a lengthy discussion about the params and returned values (cc Olivier Berger). >>> a) webid= the urlencoded WebID of the user connecting >>> >>> b) ts= a timestamp in XML Schema format >>> >>> c) sig= the signature of the whole URL (signed with the IdP's private >>> SSL key). >>> >>> d) referer= the address of the IdP, which is needed to fetch the >>> public key of the IdP's SSL certificate (so the application knows >>> from which IDP the signed response comes from in order to choose the >>> correct certificate to verify the signature) >>> >>> More info about the 'protocol' can be found in the README here [0]. >>> >>> [0] https://github.com/WebIDauth/WebIDauth > > I would be careful to say this is protocol yet ;-) > This matter basically should be negotiated and get interoperability > testing passed, no way around believe me. > So I would expect proposal, call etc. then we can proceed to get it done. That's why I put protocol between quotes. > Best Regards, > Mitko Andrei
Received on Friday, 13 July 2012 07:51:17 UTC