WebID verification services from Melvin Carvalho on 2014-10-31 (public-webid@w3.org from October 2014)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 31 Oct 2014 13:48:47 +0100
To: public-webid <public-webid@w3.org>
Message-ID: <CAKaEYhLU9KbfH4d9ZKNPN=yNwdh_vs322T81RhgMdYonKapNjw@mail.gmail.com>

I was showing someone webid this week, and trying to debug using the
verification services

http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#Some_WebID_Verification_Sites

They are all down!


   - FCNS <https://auth.fcns.eu/>

cant connect



   - foaf-ssl server <https://foafssl.org/test/WebId>

404

   - Simple MyOpenLink.NET hosted Verification Service
   <https://id.myopenlink.net/webid_demo.html>

times out

   - ResourceMe <https://resourceme.bergnet.org/test.php>

is there but does not request a cert

   - TurnGuard <http://webid.turnguard.com/WebIDTestServer/debug>

blank page

   - Django WebIDAuth <https://webidauth.rhizolab.org/test/login> earl
   <https://webidauth.rhizolab.org/test/WebIDTest>

cant connect

I've been using one not mentioned at (
https://auth.my-profile.eu/auth/index.php?verbose=on ) and also my local
version of GOLD has helped debug.

To outsiders coming to that page WebID + TLS looks abandoned.

Would be great if anyone with an implementation could update the wiki.

Now that leads me to my next point.

I realized that certificates can (and should) be given a URI.  Today they
are operating like blank nodes and pointing to a URI.  But they can quite
easily be given a URI based on their fingerprint.

ni:///sha-1;<fingerprint>

I've started to do this, and it would be really nice if test pages could do
the same?

Why do this?

- Because now I can send money to a cert that can be received or spent via
HTTP 402

- Certs can now be marked / signed by other users creating a webby WoT e.g.
(
http://klaranet.com/recent?uri=ni%3A%2F%2F%2Fsha-1%3B67cd5112e23b047fff4234a1720956055e215db9
)

- Anything of significance on the web should be given a URI (axiom 0),
allowing unexpected reuse

- This allows anonymous webids* to be created, something other groups have
asked for

- This allows webids* to be created on demand without the need of a home
page

- This allows one time webids to be created

etc.

*I use the term webid with a small 'w' to indicate anyURI, not the brand
'W' WebID which is an agent serving turtle


Proposal

- Update test suites where possible to include a URI
- Use cert fingerprint prefixed with ni:///sha-1; as per RFC 6920 - Naming
Things with Hashes

Received on Friday, 31 October 2014 12:49:15 UTC