W3C home > Mailing lists > Public > public-webid@w3.org > May 2014

Re: A WebID Implementation => HTTPS Client Certificate Authentication lacks a useful filter mechanism.

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 19 May 2014 18:05:04 -0400
Message-ID: <537A8010.1000902@openlinksw.com>
To: public-webid@w3.org
On 5/19/14 4:59 PM, Anders Rundgren wrote:
> Unfortunately https://fictionverse.net displays the same UI
> awkwardness as http://cimba.co which is listing *all* certificates
> you have, not only those carrying a WebID URI.

So what?

Again, that's browser behavior, nothing to do with the WebID or this 
application/service putting WebID-TLS to use.

Is HTTP to blame for the UI that browser place in front of it? Come on now!

> However, this problem has nothing to do with UI, it is a limitation
> in the HTTPS protocol.

It's a limitation in the way Browsers have implemented TLS. Browsers 
(all derivatives of Mosaic) are the Best and Worst thing that happened 
to the Web. There's a paradox for you to think about.

> A useful X.509 certificate-based web-authentication solution MUST IMO
> be able to filter on any of the standard extension attributes.

Tell that to the Browser developers.
> For WebID-X.509 a specific WebID policy OID would be ideal since it
> doesn't interfere with anything else.

And that would change what in regards to Browser behavior, in their 
current form?
> Anders



Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Monday, 19 May 2014 22:05:27 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:55 UTC