- From: Martynas Jusevičius <martynas@atomgraph.com>
- Date: Wed, 28 Jun 2017 00:33:07 +0200
- To: public-webid <public-webid@w3.org>
Received on Tuesday, 27 June 2017 22:33:41 UTC
Hi, I think there is another case where failure scenario is not defined in protocol: verifying the WebID. What happens if the certificate key does not match the WebID key? None of the verification steps or sections seem to consider that. I suggest again that a 400 Bad Request should be returned. I think it is important for the protocol to handle failures if we want robust implementations. Is this group active enough to fix such issues? Martynas
Received on Tuesday, 27 June 2017 22:33:41 UTC