[foaf-protocols] HTTP response code for bad auth, webid

Story Henry henry.story at bblfish.net
Sun Jan 17 02:34:19 CET 2010


On 16 Jan 2010, at 02:04, Peter Williams wrote:

> When the webid does not meet the identity (vs authorization) requirements of the resource, what HTTP response code are folks returning?]

Good question.

> Conventionally, cert invalidity errors are transport failures, rather than HTTP failures. But, does such a notion exist in linked data theory?

Don't think this has anything specifically to do with linked data.
What HTTP error should a server return when the client cert is invalid?
There are two cases, the server requests the certificate as NEEDed, or as optional. What is the situation in that case.


> We cannot realistically send back a 401, as that would be induce an inappropriate HTTP-level challenge. I'm sending back a 400 for now.



More information about the foaf-protocols mailing list