[foaf-protocols] Lots of confusions ...

Melvin Carvalho melvincarvalho at gmail.com
Tue May 18 19:10:41 CEST 2010


2010/5/18 Melvin Carvalho <melvincarvalho at gmail.com>

>
>
> 2010/5/18 Kingsley Idehen <kidehen at openlinksw.com>
>
>> Melvin Carvalho wrote:
>>
>>>
>>>
>>> 2010/5/18 Kingsley Idehen <kidehen at openlinksw.com <mailto:
>>> kidehen at openlinksw.com>>
>>>
>>>
>>>    Story Henry wrote:
>>>
>>>        On 18 May 2010, at 17:26, Kingsley Idehen wrote:
>>>
>>>
>>>            Story Henry wrote:
>>>
>>>                On 18 May 2010, at 15:29, Melvin Carvalho wrote:
>>>
>>>
>>>                            You don't know what's happening here, do
>>>                            you Mr Jones.
>>>
>>>                        There are a few bugs on the foaf.me
>>>                        <http://foaf.me> mailing list.
>>>
>>>
>>>
>>>                    Apologies for this.  There was an attempt made to
>>>                    refactor the library, but
>>>                    it seems some bugs were introduced, that have not
>>>                    yet been patched.  I didnt
>>>                    actually program this piece, but will attempt to
>>>                    work out what's going
>>>                    wrong, or see if I can roll back to the previous
>>>                    version of the library,
>>>                    which was definitely stable.
>>>
>>>                This could be related to the bug I found last year
>>>                that allowed one with Tabulator to edit other people's
>>>                foaf graphs.
>>>
>>>            How can you edit someone else's FOAF graphs if FOAF+SSL
>>>            based ACLs are functional?
>>>
>>>
>>>        Nobody is arguing that you could if things worked properly. We
>>>        are speaking of bugs here.
>>>
>>>        These are the types of bugs many people moving from tabular
>>>        databases and indeed any other kind of closed world
>>>        programming environment to RDF will make. This was my point in
>>>        "Are OO Languages Autistic"
>>>        http://blogs.sun.com/bblfish/entry/are_oo_languages_autistic
>>>
>>>        We have all been forced as programmers into bad thinking
>>>        habits. So we should be aware of our own mistakes, and help
>>>        people joining the community to avoid making them too. This
>>>        will be a difficult educational task.
>>>
>>>
>>>    Yes, but I am more concerned about the Tabulator edit aspect of
>>>    this.  How does Tabulator enable to edit data in a space to which
>>>    you don't have privileges? I haven't looked at Tabulator for a
>>>    long time now, but I am somewhat confused re. this turn of events.
>>>
>>>
>>> Tabulator can edit any file that
>>>
>>> 1) Sends the requisite MS-Author-Via: SPARQL
>>> 2) Accepts an HTTP PUT with a SPARQL UPDATE
>>>
>>
>> That I grok since I remember Virtuoso being the first server with those
>> DAV extensions in place :-)
>>
>> What I am concerned about is how this can happen without a space owner
>> knowing that DAV should be shutdown. Note, none of these problems will
>> happen with Virtuoso (since its in lock down by default). I am just
>> concerned about the general case.
>>
>> Doesn't Tabulator use FOAF+SSL and ACLs?
>>
>
> Afiak 0.8.7 has webdav and sparul but not foaf+ssl and/or acls
>
> The current branch is:
>
> hg clone http://dig.csail.mit.edu/hg/tabulator
>
> As you can see some recent edits to the social pane ... so it may be in
> progress
>
> http://dig.csail.mit.edu/hg/tabulator/?cmd=changelog;style=gitweb
>

An interesting one:

7 days agofurther updates to the new social
pane.<http://dig.csail.mit.edu/hg/tabulator/?cmd=changeset;node=772212df4877f5ca7477ce6f5e09bd9fc858b15c;style=gitweb>
 changeset<http://dig.csail.mit.edu/hg/tabulator/?cmd=changeset;node=772212df4877f5ca7477ce6f5e09bd9fc858b15c;style=gitweb>
 *charles2 <charles2 at mit.edu> [Mon, 10 May 2010 16:36:44 -0400] rev 881*
 further updates to the new social pane.
*can now create new webids (post keygen and username) *



>
>
>
>>
>> Kingsley
>>
>>>
>>> I guess (1) should imply (2)
>>>
>>> I'm not sure we ever formally decided a rule to add foaf+ssl to the mix,
>>> but simplest is that if you're authenticated as the webid that 'owns' a
>>> 'protected' document. you should be allowed to edit?
>>>
>>>        Henry
>>>
>>>
>>>
>>>    --
>>>    Regards,
>>>
>>>    Kingsley Idehen       President & CEO OpenLink Software     Web:
>>>    http://www.openlinksw.com
>>>    Weblog: http://www.openlinksw.com/blog/~kidehen<http://www.openlinksw.com/blog/%7Ekidehen>
>>>    <http://www.openlinksw.com/blog/%7Ekidehen>
>>>    Twitter/Identi.ca: kidehen
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Regards,
>>
>> Kingsley Idehen       President & CEO OpenLink Software     Web:
>> http://www.openlinksw.com
>> Weblog: http://www.openlinksw.com/blog/~kidehen<http://www.openlinksw.com/blog/%7Ekidehen>
>> Twitter/Identi.ca: kidehen
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100518/136d35d9/attachment-0001.htm 


More information about the foaf-protocols mailing list