WebID Incubator Group Teleconference -- 04 Jul 2011

<trackbot> Date: 04 July 2011

<bblfish> skip agendum

<jeffsayre> Are we just on IRC or also on phone?

<jeffsayre> Zakim says I am first on the conference call.

<bblfish> am about to come on

<jeffsayre> :)

<gaedke> Hi

<bblfish> zakim ??p4 is me

<bblfish> zakim bblfish is chair

<bblfish> zakim who is making noise

i may cut out after about 45 minutes, just noticed my credit is running out ....

<bblfish> previous meeting minutes +1 from me

but i should be able to top up

oh great

ill do that next time

<bblfish> http://webid.info/

bblfish: information on SIP

thanks!

<bblfish> +1

<bergi> +1

<jeffsayre> +1

<bblfish> did come with some extras in the mail http://lists.w3.org/Archives/Public/public-xg-webid/2011Jun/0084.html

scribe: who is going to do the bug enhancement report?

<bblfish> for apache

scribe: bergi?
... so that it is easier to allow all certificates even ones with extensions

bergi: i can do this, is it open for everyone?

bblfish: yes, and you can vote

<bblfish> vote for this: https://bugzilla.mozilla.org/show_bug.cgi?id=396441

<bblfish> or the google one http://code.google.com/p/chromium/issues/detail?id=29784

bblfish: tell people to vote
... and issue bugs to opera

http://code.google.com/p/chromium/issues/detail?id=29784

<bblfish> action, bergi to create apache issue on more flexible certificate access

<bblfish> ACTION bergi to create apache issue on more flexible certificate access

<trackbot> Sorry, couldn't find user - bergi

could be <first intital><7 characters of last name> ?

<bblfish> ACTION Bergwinkl to create apache issue on more flexible certificate access

<trackbot> Created ACTION-32 - Create apache issue on more flexible certificate access [on Thomas Bergwinkl - due 2011-07-11].

scribe: you mentioned something about the wiki

bergi: it was about apache configuration, how to disable critical extensions
... i updated the topic

bblfish: that's covered then
... spec improvements

<bblfish> Domel added some rdf/xml here https://github.com/domel/webid-spec.git

bblfish: domel added some items to git
... we'll look at that later when scor is here
... has anyone done anything on the ontology?
... test suite?

bergi: a new issue about multiple keys
... currently theres a test for only one modulus and one exponent

bblfish: if you have a public key it contains two relations of type key
... rsa key, public exponent and modulus
... if they dont match someone has made a mistake

bergi: shoudnt the login module look for the modulus matching to the certificate?
... is it not a security issue?

<gaedke> perfect

bblfish: it's not a security hole, its a UI issue
... if services created foaf files that a broken, and users sometimes dont get logged in, its bad for webid
... worth fixing that kind of issue
... easy to do with cut and paste

bergi: in the test do you mean, in the certificate object there should be one public key, but multiple certificates?

<bblfish> multiple public keys

bblfish: can have multiple public keys, each one has one modulus and one exponent
... on the wiki there is a test suite link
... perl ontology

<bblfish> http://dvcs.w3.org/hg/WebID/file/55f18239ed1a/tests/earl/test.n3

<bblfish> perl not perl

<bblfish> wit:pubkeyRSAModulusFunctional a earl:TestCase;

<bblfish> 76 dct:title "not more than one modulus";

<bblfish> 77 dct:description "More than one modulus if they don't convert to the same number will lead to erratic behavior (one server will choose one the other server will chose the other)".

<bblfish> 78

bblfish: functional relations only have one value
... everyone should be implementing this on your webid implementation

<bblfish> http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala?view=markup

<bblfish> this is the scala implemetnation

bblfish: i think it's kind of readable

<bblfish> asrtKeyModulusFunc

bblfish: you'll see the code
... if no modulus we say missing modulus
... else we cant tell it's an rsa key
... if i have more than one modulus, that's another error
... each test creates objects which will be transformed into RDF
... then you serialize the results out to the user
... the user can make reports
... need a few people to try this out

bergi: yes that helps

<bblfish> mercurial

bblfish: you have access to hg so you can put the fix in

bergi: i will look at the description and fix it

<bblfish> g.bnode.a(EARL.Assertion)

<bblfish> 711 -- EARL.test --> testName

<bblfish> 712 -- EARL.result --> result.toRdf()

<bblfish> 713 -- EARL.subject -->> subjects

bblfish: nice thing about scala is you can make rdf look as above

bergi: another idea, perhaps we can link versions together, test cases, to the spec
... see which tests are REQUIRED
... other tests are helpful

bblfish: good idea
... there might be a way of doing that, do it with one or two to see if it works
... in EARL there's an ontology for linking and pointing to things
... there are pointer objects in scala

<bblfish> http://dvcs.w3.org/hg/WebID/file/55f18239ed1a/tests/earl/test.n3

bblfish: you can see in the test above

<bblfish> https://bblfish.net:8443/test/WebId

bblfish: my test suite does return rdf/xml
... also returns json turtle and ntriples

bergi: i used your tests as an example for my endpoint
... so i can point to them if there's a problem
... human readable
... RDFa
... when finished i will add it to the wiki
... my endpoint is in php an test suite in java

<bblfish> Everyobdy else see what is going on?

<jeffsayre> +1

yes :)

i am not actively developing one

but my revive the code from foaf.me on another server

i dont control foaf.me anymore

sorry just ran out of credit

brb

<bblfish> anyone followed the discussion on ldap?

<gaedke> +q

<gaedke> unmute

<bblfish> unmute gaedke

re :)

bblfish: lets have a wiki page on LDAP
... show how it works
... how do they publish their public key
... if kingsley can explain how he publishes his public key in LDAP
... we should have a wiki page
... if 3 or 4 people implement it, we can become more formal
... should be a general solution, rather than openlink specific

arg

lol

scribe: if there's more than 1 or 2 bergi can add those to his tests
... should be a way of dereferencing an LDAP URL
... need to know the LDAP Distinguished Names

<bblfish> action, kingsley to write a small wiki page on ldap protocol answering the questions: what is the schema for publc key in ldap, what dereferencing methods are there + section of links to implementations and small explanation.

he's not on skype

<bblfish> action, Thibodeau to write a small wiki page on ldap protocol answering the questions: what is the schema for publc key in ldap, what dereferencing methods are there + section of links to implementations and small explanation.

scribe: i think we need to make kingsley part of the group

<bblfish> action Thibodeau to write a small wiki page on ldap protocol answering the questions: what is the schema for publc key in ldap, what dereferencing methods are there + section of links to implementations and small explanation.

<trackbot> Created ACTION-33 - Write a small wiki page on ldap protocol answering the questions: what is the schema for publc key in ldap, what dereferencing methods are there + section of links to implementations and small explanation. [on Ted Thibodeau - due 2011-07-11].

gaedke: we've had some proposals but will talk about it when we come to a consensus

<bblfish> don't forget new url webid.info

<gaedke> sure

bblfish: i think that's is for today
... let's meet again next week

<bblfish> hi Andrei?

bblfish: see if we can have more on implementations
... any other questions / issues?
... meeting in paris on sem web CMS btw

jeffsayre: working on a php endpoint

bblfish: php people work together ...

<jeffsayre> bye

<bblfish> goodbye all

bye

<gaedke> bye

<bblfish> trackbot, end meeting

- DRAFT -

WebID Incubator Group Teleconference

04 Jul 2011

Attendees

Contents

Summary of Action Items

Scribe.perl diagnostic output