- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Fri, 09 Aug 2013 18:18:05 -0400
- To: Henry Story <henry.story@bblfish.net>
- CC: "public-lod@w3.org Data" <public-lod@w3.org>, "public-webid@w3.org" <public-webid@w3.org>
- Message-ID: <52056A9D.9050306@openlinksw.com>
On 8/9/13 2:46 PM, Henry Story wrote: > On 9 Aug 2013, at 19:34, Kingsley Idehen <kidehen@openlinksw.com> wrote: > >> On 8/9/13 12:55 PM, Hugh Glaser wrote: >>> Thanks. >>> I've looked at quite a bit of this stuff, but still don't see where the ACL document gets stored and used. >> As per my setup [1] the ACLs reside in a document. Of course, they can also reside inside a DBMS/store e.g., in a named graph. > What you should have is a link header from the document to the acl document. > http://www.w3.org/wiki/WebAccessControl suggests using the meta link header. Yes, that's a regression in the current implementation as proven by the cURL requests against the two ACL protected resources below: curl -I http://kingsley.idehen.net/DAV/home/kidehen/Public/Linked%20Data%20Documents/WebID-ACL-Demos/ HTTP/1.1 200 OK Server: Virtuoso/06.04.3138 (Linux) x86_64-generic-linux-glibc25-64 VDB Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Date: Fri, 09 Aug 2013 22:13:54 GMT Accept-Ranges: bytes Cache-Control: no-cache, must-revalidate Pragma: no-cache Expires: -1; Content-Length: 40139 curl -I http://kingsley.idehen.net/DAV/home/kidehen/Public/Linked%20Data%20Documents/WebID-ACL-Demos/RWW-Crew.ttl HTTP/1.1 303 See Other Server: Virtuoso/06.04.3138 (Linux) x86_64-generic-linux-glibc25-64 VDB Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Date: Fri, 09 Aug 2013 22:14:37 GMT Accept-Ranges: bytes Location: http://kingsley.idehen.net/describe/?uri=http%3A%2F%2Fkingsley.idehen.net%2FDAV%2Fhome%2Fkidehen%2FPublic%2FLinked%2520Data%2520Documents%2FWebID-ACL-Demos%2FRWW-Crew.ttl Content-Length: 0 > > When talking about this with Alexandre Bertails he thought that rel="meta" was > not the right relation and that rel="acl" would be more correct. Yes. It will be fixed. > > I'd be for developing a simple document alongside the WebID, WebID TLS and > Cert ontology that explains Web Access control in a nice W3C document. Great! > We now have a few implementations of Web Access Control, and it seems to > be working well enough. It's a key feature to understand linked data and > WebID. Yep! > > Henry > > > Social Web Architect > http://bblfish.net/ > > > -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Friday, 9 August 2013 22:18:30 UTC