[foaf-dev] Re: sketch of a simple authentication protocol

Story Henry henry.story at bblfish.net
Thu Apr 3 10:15:26 BST 2008


On 3 Apr 2008, at 10:55, Toby A Inkster wrote:
> On 2 Apr 2008, at 15:52, Story Henry wrote:
>
>> I thought it would be fun to represent your answer [1] with a  =

>> Sequence Diagram to make sure I have really understood what you are  =

>> saying. It is even simpler that the previous sketch.
>
>
> Yep, that's pretty much it.

great. I am now checking to see how difficult it is to get this X501  =

information with Java libraries. It would be fun to get a demo going.

> An additional detail which is missing in your diagramme is: what  =

> happens if Romeo's client doesn't send an Agent-Id header (I used  =

> HTTP "From" header originally, but it doesn't really matter what the  =

> header is called) or Juliette decides she doesn't trust Romeo. I  =

> originally specified that a simple copy of the public profile should  =

> be returned, but instead I think perhaps a 302 redirect back to the  =

> public profile is more appropriate.

makes sense. I'll add a note in the commentaries if I can get this to  =

work.

> Also, I'd like to make a bid to explicitly allow XHTML+RDFa to be  =

> used for the public profiles (and if implementations are going to  =

> need to support it for public profiles, we might as well also allow  =

> it for private profiles!). With that in place, a person can decide  =

> to use the same URI for:
>
> 	* their (human-readable) homepage;
> 	* their FOAF profile for use in this protocol; and
> 	* their OpenID identifier.

Of course. In the initial sketch I had made that explicit. Any RDF  =

representation, including GRDDLEable Xml should be ok.

> If we insisted that their profile URI be RDF/XML, then that couldn't  =

> happen (except perhaps with some sort of content negotiation going  =

> on =97 I've not thought out the details).

Well the beautify of semantics is that we can abstract on the  =

representation.
:-)

Henry

> -- =

> Toby A Inkster
> <mailto:mail at tobyinkster.co.uk>
> <http://tobyinkster.co.uk>
>
>
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2429 bytes
Desc: not available
Url : http://lists.usefulinc.com/pipermail/foaf-dev/attachments/20080403/42=
aa981c/smime.bin


More information about the foaf-dev mailing list