W3C home > Mailing lists > Public > public-webid@w3.org > June 2017

Re: WebID 404 Not Found

From: Cory Sabol <cssabol@uncg.edu>
Date: Sun, 25 Jun 2017 19:29:16 -0400
Message-ID: <CAGaHEaLDYP7nY98a9+27cL5mYUc+WtkvNa5vGxYnDV6Pve3G4w@mail.gmail.com>
To: Martynas Jusevičius <martynas@atomgraph.com>
Cc: public-webid <public-webid@w3.org>
I've also been wondering the same thing.

In my application's auth flow if the webid uri returns of 404 I returned a
400 bad request and reject the Authentication.

This way my client side application can decide what to do with that
information in terms of what views to render Etc.

I think it might be nice if the spec did mention something about this
though.

On Jun 25, 2017 7:05 PM, "Martynas Jusevičius" <martynas@atomgraph.com>
wrote:

> Hey,
>
> what is supposed to happen when the WebID URI extracted from the client
> certificate returns 404 Not Found when dereferenced?
>
> Step 6.1 in Authentication Sequence [1] talks about fetching WebID profile
> by dereferencing it, but does not consider a failure scenario.
>
> What kind of response status code should be sent when such failure occurs?
> It is a client error, so probably a 4xx like 400 Bad Request. Although some
> servers send SSL-specific like 495 SSL Certificate Error or 496 SSL
> Certificate Required, but those are non-standard [2].
>
> [1] https://www.w3.org/2005/Incubator/webid/spec/tls/#
> authentication-sequence
> [2] https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx
>
Received on Sunday, 25 June 2017 23:29:49 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 25 June 2017 23:29:50 UTC