Re: [foaf-protocols] WebID status recap?

Why the focus on that tls spec? It focuses on an applied variant of channel bindings tokens (that more generally address non-detection of cert-based mitm).

I thought webid made the assumption that states and corporations dont engage in such activities (perhaps as ordered, in the case of large corporations) and thus such vulnerabilities are just "defined" as out of scope for webid?

Stéphane Corlosquet <scorlosquet@gmail.com> wrote:

>
>
>On Fri, Jun 14, 2013 at 5:34 AM, Henry Story <henry.story@bblfish.net> wrote:
>
>
>On 13 Jun 2013, at 22:31, Henry Story <henry.story@bblfish.net> wrote:
>
>> Yes, we have two specs:
>>
>> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tls-respec.html
>> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html
>>
>> I am not sure why we don't get the full html view anymore.
>> Anyone know what we need to change?
>
>I fixed these. The problem is related to the move to the new
>respec.js https://github.com/darobin/respec/
>
>It no longer allows one to add spec refs to the js as one used
>to be able to
>
>see diff https://dvcs.w3.org/hg/WebID/rev/7f01174c75b0
>
>So the TLS spec now is missing two references
>
>[[
>  berjon.biblio["RFC5746"] = "E. Rescorla, M. Ray, S. Dispensa, N. Oskov,  <a href=\"http://tools.ietf.org/html/rfc5746\"><cite>Transport Layer Security (TLS) Renegotiation Indication Extension</cite></a> February 2010. Internet RFC 5246. URL: <a href=\"http://tools.ietf.org/html/rfc5746\">http://tools.ietf.org/html/rfc5746</a> ";
>
>  berjon.biblio["WEBID"] =  "Andrei Sambra, Stéphane Corlosquet. <a href='https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html'
>]]
>
>Any idea how one can get those added to the code using the new specref?
>
>
>I've fixed that with [1]. The updated TLS document doesn't show errors now [2].
>
>
>Steph.
>
>
>[1] https://dvcs.w3.org/hg/WebID/rev/49894597ee18
>
>[2] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tls-respec.html
>
>