[foaf-protocols] Webid Spec: HTTP status codes?
presbrey at csail.mit.edu
Fri Aug 13 01:56:34 CEST 2010
On Thu, Aug 12, 2010 at 7:13 PM, Akbar Hossain <akkiehossain at gmail.com> wrote:
> Joe Presbrey created an apache mod to implement the foaf+ssl authnetication .
Hi Akbar, thanks! I'll document the current mod_authn_webid responses
to your rough list inline below.
> A rough list would probably include
> TLS connection error
no HTTP connection => no HTTP response status code
> No client certificate supplied
> No URI found in the SAN
> Unable to dereference a URI in the SAN
Not considered. Is this a failed GET sub-request of the WebID URI? If
so, this should be 502.
> Public Key in the Client Certificate doesnt match the RSA Public Key in WebId
My only use of 403 is in mod_authz_webid (the RDF authorization/ACL
module). At the very least, a more specific HTTP response body should
be returned from the various cases for 401 to differentiate them. I
had this on my TODO but will now hold it until this discussion
More information about the foaf-protocols