Re: Request for Review of WebID specs before publishing

On 12 Sep 2013, at 05:19, Erich Bremer <erich@ebremer.com> wrote:

> On 9/11/2013 12:27 PM, Henry Story wrote:
>> On 11 Sep 2013, at 18:20, "Erich Bremer" <erich@ebremer.com> wrote:
>> 
>>> Would it be better to name WebID-TLS:
>>> 
>>> WebID-HTTP/TLS
>>> 
>>> Considering TLS is used in other protocols like SMTP, IMAP, POP, etc?  Whereas it is indicated that it is over HTTP given the definition of WebID in the TLS context, it may be clearer to the WebID newcomer to explicitly mention HTTP in the title rather than to have to discover the fact only after reading the specification?  - Erich
>> The spec should make it clear that this works with other TLS protocols. I think it does.
>> See the section with the UML sequeence diagram.
> Hi Henry,
> 
> However, the way it is written, I think it is a bit confusing. First the WebID-TLS name does not indicate which protocol the document is supporting.  Second, in "1.2 Terminology of the WebID-TLS document", A WebID is defined as, "A WebID is a URI with an HTTP or HTTPS scheme".  Third, in section 3.1 of the WebID-TLS document, in the steps section, it says, "If the protocol is HTTP" which hints that it could be something other than http but contradicts "A WebID is a URI with an HTTP or HTTPS scheme".
> The other document:
> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html
> also defines "A WebID is a URI with an HTTP or HTTPS scheme" and section 3 of this document is entitled "The WebID HTTP URI".  I think it is clear that http is a focus, but I don't think it is very clear that other protocols potentially could be implemented.  - Erich


You are confusing the WebID - The identifier - and its method of dereferencing (HTTP) with the protocol used by 
the Agent doing the authentication of the client. That is in diagram 3 of 
  https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tls-respec.html#authentication-sequence
you are confusing the protocol used between Bob's Client and Alice's Server, and the Protocol used between
Alice's Server and Bob's Server. The first protocol can be any protocol using TLS, (all we need is the certificate)
the second must dereference a WebID  which is restricted to http(s) and so that protocol MUST be http based.

Perhaps you can suggest some language to make that clearer?

Henry


> 
>> 
>> 
>>> ==========================================================
>>> Erich Bremer
>>> http://www.ebremer.com
>>> http://haylyn.io
>>> 
>>> 
>>> On Sep 5, 2013, at 9:53 AM, "Henry Story" <henry.story@bblfish.net> wrote:
>>> 
>>>> Dear WebID Community Group,
>>>> 
>>>> we now have three specs up on github here
>>>> 
>>>>  https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index.html
>>>> 
>>>> All editors think that it is time to publish a new version
>>>> on the W3C WebID Incubator space, to finalise the distinction
>>>> between WebID, WebID-TLS, and the cert ontology.
>>>> 
>>>> So we would like to be able to publish the specs above
>>>> at the following location, by Friday 20 September 2013
>>>> 
>>>> http://www.w3.org/2005/Incubator/webid/spec/
>>>> 
>>>> We would be very happy to receive feedback from
>>>> the community before doing so. If you can spot
>>>> any errors or improvements please let us know,
>>>> we'll do our best to get them in before publication.
>>>> 
>>>>  Thanks,
>>>> 
>>>>       Henry Story
>>>> 
>>>> 
>>>> Social Web Architect
>>>> http://bblfish.net/
>>>> 
>>>> 
>> Social Web Architect
>> http://bblfish.net/
>> 
> 

Social Web Architect
http://bblfish.net/

Received on Thursday, 12 September 2013 06:14:11 UTC