RE: WebID-ISSUE-64 (redirects): Redirects [WebID Spec]

Someone posting from a BBC account noted that it was absolutely critical that there should be redirects - as a simple matter of link management. First, BEFORE ANYONE ACCEPTS THIS ISSUE, SOMEONE NEEDS TO ASSERT THAT THERE REALLY IS A PROBLEM with redirects. If so, characterize it. My gut tells me that there are (reasoning as did the openid folks, faced with the very same issues). Dont accept *my* word for it. Im reasoning purely by analogy. I just watched in a spying proxy the blogspot openid validation agents (known as consumer) pull the wordpress XRD metadata file for my blog site (where that XRD document pull is a analogous to pulling the webid profile document). In openid spec, there are specific conformance rules concerning how to handle redirects, and http/https issues. Perhaps distinguish between two classes of analysis: 1) that which openid faces, similarly2) any due to the nature of the semantic web querying model, specifically. Is the problem any more or less pertiennt since the cert:identity component was deprecated, changing the very nature of the query  listed in the spec? The change of query in last week's spec design has put me out considerably, since I don't understand it yet - in the security sense. The change upset what I thought I understood for 2+ years...about the nature of this protocol, based on the previous query design. I had been basing assurance on properties you advocated as critical to the security logic, previously: inverse functional relations - that are now no longer present or dominate the security enforcement logic. It will take some time to settle down, as I understand the change.            > To: public-xg-webid@w3.org
> From: sysbot+tracker@w3.org
> Date: Fri, 25 Nov 2011 13:06:02 +0000
> Subject: WebID-ISSUE-64 (redirects): Redirects [WebID Spec]
> 
> 
> WebID-ISSUE-64 (redirects): Redirects [WebID Spec]
> 
> http://www.w3.org/2005/Incubator/webid/track/issues/64
> 
> Raised by: Henry Story
> On product: WebID Spec
> 
> Peter Williams correctly points out that the spec should have some text and some thought go into what happens or should happen with HTTP redirects, when fetching a profile. Even if it is just to say that one should not follow those.
> 
> 
> 
 		 	   		  

Received on Friday, 25 November 2011 14:12:44 UTC