Re: WebID verification services from Melvin Carvalho on 2014-10-31 (public-webid@w3.org from October 2014)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 31 Oct 2014 16:03:58 +0100
To: Andrei Sambra <andrei.sambra@gmail.com>
Cc: public-webid <public-webid@w3.org>
Message-ID: <CAKaEYhKzCCGYAJatP2mzW5GYcUDCJ5wE=DYh919NK-rZVBpGvg@mail.gmail.com>

On 31 October 2014 16:02, Andrei Sambra <andrei.sambra@gmail.com> wrote:

> Hi Melvin,
>
> On Fri, Oct 31, 2014 at 5:48 AM, Melvin Carvalho <melvincarvalho@gmail.com
> > wrote:
>
>> I was showing someone webid this week, and trying to debug using the
>> verification services
>>
>>
>> http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#Some_WebID_Verification_Sites
>>
>> They are all down!
>>
>>
>>    - FCNS <https://auth.fcns.eu/>
>>
>>
> FCNS has no WebID services. Maybe you meant https://auth.my-profile.eu/?
>
> It looks like it fails to authenticate me. Weird, since it used to work.
> I'll look into it.
>

Wiki page is probably out of date, was just cut and pasting from there.


>
>
>> cant connect
>>
>>
>>
>>    - foaf-ssl server <https://foafssl.org/test/WebId>
>>
>> 404
>>
>>    - Simple MyOpenLink.NET hosted Verification Service
>>    <https://id.myopenlink.net/webid_demo.html>
>>
>> times out
>>
>>    - ResourceMe <https://resourceme.bergnet.org/test.php>
>>
>> is there but does not request a cert
>>
>>    - TurnGuard <http://webid.turnguard.com/WebIDTestServer/debug>
>>
>> blank page
>>
>>    - Django WebIDAuth <https://webidauth.rhizolab.org/test/login> earl
>>    <https://webidauth.rhizolab.org/test/WebIDTest>
>>
>> cant connect
>>
>> I've been using one not mentioned at (
>> https://auth.my-profile.eu/auth/index.php?verbose=on ) and also my local
>> version of GOLD has helped debug.
>>
>> To outsiders coming to that page WebID + TLS looks abandoned.
>>
>> Would be great if anyone with an implementation could update the wiki.
>>
>> Now that leads me to my next point.
>>
>> I realized that certificates can (and should) be given a URI.  Today they
>> are operating like blank nodes and pointing to a URI.  But they can quite
>> easily be given a URI based on their fingerprint.
>>
>> ni:///sha-1;<fingerprint>
>>
>> I've started to do this, and it would be really nice if test pages could
>> do the same?
>>
>> Why do this?
>>
>> - Because now I can send money to a cert that can be received or spent
>> via HTTP 402
>>
>> - Certs can now be marked / signed by other users creating a webby WoT
>> e.g. (
>> http://klaranet.com/recent?uri=ni%3A%2F%2F%2Fsha-1%3B67cd5112e23b047fff4234a1720956055e215db9
>> )
>>
>> - Anything of significance on the web should be given a URI (axiom 0),
>> allowing unexpected reuse
>>
>> - This allows anonymous webids* to be created, something other groups
>> have asked for
>>
>> - This allows webids* to be created on demand without the need of a home
>> page
>>
>> - This allows one time webids to be created
>>
>> etc.
>>
>> *I use the term webid with a small 'w' to indicate anyURI, not the brand
>> 'W' WebID which is an agent serving turtle
>>
>>
>> Proposal
>>
>> - Update test suites where possible to include a URI
>> - Use cert fingerprint prefixed with ni:///sha-1; as per RFC 6920 -
>> Naming Things with Hashes
>>
>>
>>
>

Received on Friday, 31 October 2014 15:04:30 UTC