00:21:22 deiu has quit (Quit: Leaving) 00:38:15 mattl has quit (Ping timeout: 265 seconds) 00:39:31 mattl (sid14229@gnu/mattl) has joined #dig 00:43:54 scor (~scor@drupal.org/user/52142/view) has joined #dig 01:10:29 scor has quit (Quit: scor) 01:16:02 timbl (~timbl@12.130.126.51) has joined #dig 02:13:31 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 03:02:48 scor (~scor@drupal.org/user/52142/view) has joined #dig 03:33:16 scor has quit (Quit: scor) 03:40:01 timbl has quit (Quit: timbl) 03:40:32 Pipian-Work has quit (Quit: Pipian-Work) 04:00:15 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 04:11:35 timbl (~timbl@12.130.126.51) has joined #dig 04:17:41 slvrbckt has quit (Ping timeout: 265 seconds) 04:18:19 slvrbckt (~nkj@xvm-166-244.ghst.net) has joined #dig 04:29:27 timbl has quit (Quit: timbl) 05:34:25 Pipian-Work has quit (Quit: Pipian-Work) 05:34:52 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 07:03:22 bblfish has quit (Remote host closed the connection) 07:19:48 Pipian-Work has quit (Quit: Pipian-Work) 07:30:34 cheater (~cheater@p57AE8FC1.dip0.t-ipconnect.de) has joined #dig 07:33:19 cheater_ has quit (Ping timeout: 245 seconds) 09:13:03 Sebastien-L (~sebastien@2a01:e35:8b47:7ab0:fdbb:483d:5ce7:9d82) has joined #dig 09:41:07 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 09:42:22 bblfish_ (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 09:45:37 bblfish has quit (Ping timeout: 240 seconds) 10:43:33 bblfish_ has quit (Remote host closed the connection) 10:44:07 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 10:48:29 bblfish has quit (Ping timeout: 240 seconds) 11:04:30 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 11:42:50 Ralph (rswick@w3cvpn1.w3.org) has joined #dig 11:42:56 Ralph is now known as RalphS 11:44:15 DIGlogger (~dig-logge@groups.csail.mit.edu) has joined #dig 11:44:16 topic is: Decentralized Information Group @ MIT http://dig.csail.mit.edu/ 11:44:16 Users on #dig: DIGlogger RalphS bblfish Sebastien-L cheater slvrbckt mattl melvster bergi sandro ericP betehess daniel-s1ith presbrey Yudai 11:44:25 rszeno (~rszeno@79.114.100.130) has joined #dig 12:05:02 scor (scor@drupal.org/user/52142/view) has joined #dig 12:43:54 rszeno has quit (Quit: Leaving.) 12:54:46 bblfish has quit (Remote host closed the connection) 12:55:15 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 12:55:21 Yudai has quit (Ping timeout: 265 seconds) 12:59:29 bblfish has quit (Ping timeout: 240 seconds) 13:09:44 Sebastien-L has quit (Ping timeout: 246 seconds) 13:10:44 Yudai (~Yudai@nttkyo394152.tkyo.nt.ngn2.ppp.infoweb.ne.jp) has joined #dig 13:17:16 deiu (~andrei@30-5-246.wireless.csail.mit.edu) has joined #dig 13:17:16 deiu has quit (Changing host) 13:17:16 deiu (~andrei@unaffiliated/deiu) has joined #dig 13:23:34 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 13:37:20 Sebastien-L (~sebastien@2a01:e35:8b47:7ab0:fdbb:483d:5ce7:9d82) has joined #dig 14:42:12 hi anyone here? 14:42:42 @Sebastien-L had an interesting question with regard to WebAccessControl 14:43:55 Currently when we do a GET on a resource we can find out in the Allow what other methods are allowed on the resource 14:44:45 Sebastien-L, wants to show an ACL editing button, but only if the user has write access to the acl 14:45:18 but he wanted to avoid doing an extra GET on the acl to see if he has Control access 14:46:27 ( which reminds me that I have not implemented Control correctly ) 14:47:16 I drew up a mapping between WAC and HTTP verbs https://www.w3.org/wiki/WebAccessControl#WAC_relation_to_HTTP_Verbs 14:47:28 and there is no easy way to fit CONTROL in there. 14:52:47 Still I suppse: one rule would be: one should not SHOW the acl if the user does not have READ permission on it. 14:53:27 That should do. If he wants to see it, then the view should tell him if he can edit it... 15:00:38 also, it would be great if you could disable authentication for publicly readable/writable resources, since you're going to read the ACL policy before responding to the HTTP request 15:00:52 that would help with privacy 15:01:27 but then a user who did not have read permission would not know what the resource was to which he should go to authenticate. 15:02:18 oops deiu, just saw your two lines there 15:03:03 deiu, hello, normally in rww play i think the public resources doesn't ask for a cert 15:03:04 well on rww-play we don't ask the user to authenticate on publicly readable resource 15:03:23 hey 15:03:39 btw, I'm working on a new WebID auth protocol that doesn't involve client certs anymore 15:04:04 I'll give more details once I make sure it's safe enough 15:04:05 the created card is now public (to make auth possible on other services) and it is accessible in read 15:04:12 ok 15:04:47 ok, good luck. Btw, I posted a couple of items to the WebID mailing list on improvemetns to TLS that could come up... 15:04:52 deiu, don't you think instead of the Allow header returning http verbs it could be nice to have a header to give us the WAC modes available on a resource, according to the agent 15:05:37 it would then be possible if we have Control access on ACL, because the problem is that it can't be deducted from the http verbs of the current resource and needs an extra fetch 15:05:45 returning the WAC modes should only happen if the user has authenticated 15:05:57 btw, I'm in a call now, so can't talk much :( 15:06:29 we often want to know if we have control access, without necessarily the need to know the content of the acl file, so an extra fetch could be avoided 15:07:05 deiu, I think the WAC modes should be returned even if the user hasn't authenticated. We then return the public WAC modes available 15:07:38 for exemple a webid card generally needs to be public (so that the public key is available for auth) 15:07:44 while the owner has read/write access 15:08:02 yeah, it's ok if you're just returning public modes 15:08:09 so if some agent (potentially the card ownre) try to access the card without auth he would get READ 15:08:19 djweitzner (801e077c@gateway/web/freenode/ip.128.30.7.124) has joined #dig 15:08:22 and if the owner ask with auth he would get READ WRITE 15:08:27 hi all 15:08:30 if someone else ask with auth he would get READ 15:08:31 hi 15:09:00 yes deiu of course, we return the modes that apply to the current agent 15:09:00 Sebastien-L: the tricky thing is that we want to avoid repeating all the Allow: headers all over again. 15:09:14 DIG weekly meeting starting 15:09:14 Sebastien-L, bblfish: we're going to use the channel for a meeting now 15:09:14 why 15:09:36 ok 15:09:48 lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig 15:09:57 http://cimba.co - the Web app 15:10:36 djweitzner_ (801e077c@gateway/web/freenode/ip.128.30.7.124) has joined #dig 15:10:38 sharon (801e06ae@gateway/web/freenode/ip.128.30.6.174) has joined #dig 15:13:33 djweitzner has quit (Ping timeout: 245 seconds) 15:21:15 kkw (~kkrasnoww@cpe-66-108-179-55.nyc.res.rr.com) has joined #dig 15:24:16 deiu: here's an output on a public resource 15:24:24 $ curl -k -I -H "Accept: text/turtle" https://bblfish.stample.io/card 15:24:24 HTTP/1.1 200 OK 15:24:24 Access-Control-Allow-Origin: * 15:24:26 Allow: GET, HEAD 15:24:28 Content-Type: text/turtle 15:24:30 Accept-Patch: application/sparql-update 15:24:32 Link: ; rel=type 15:25:06 mhh missing the acl link... 15:38:17 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 15:41:26 ... tried logging into cimpa.co with my bblfish.net webid. It asked for certificate but then said "Authentication failed" 16:04:51 Pipian-Work has quit (Quit: Pipian-Work) 16:06:53 djweitzner_ has quit (Ping timeout: 245 seconds) 16:13:16 lkagal has quit (Quit: lkagal) 16:13:24 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 16:13:54 kkw has left #dig 16:15:13 sharon has quit (Ping timeout: 245 seconds) 16:18:32 lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig 16:23:33 Pipian-Work has quit (Quit: Pipian-Work) 16:28:42 timbl (~timbl@64.114.196.114) has joined #dig 16:30:09 lkagal has quit (Quit: lkagal) 16:33:46 I added https://github.com/stample/rww-play/issues/112, implement wac:Control 16:34:18 but this makes me realise there is a problem with that. It does not allow me to specify that I want the acl to be readable, but not writeable 16:36:21 and this is in fact I believe very useful: such as when I want people to know that to comment somewhere they have to have been part of some group, say the dig:Group 16:36:56 then people would know they have to instrive at MIT to be able to participate. 16:41:07 I am not sure Control is needed. An acl file can just use itself as an acl file, by having a Link: <> rel=acl 16:49:50 bblfish: indeed, that's how I use it on rww.io 16:50:21 the policy for the acl file is defined in the same file 16:59:00 I think I probably do that too. 16:59:03 let me check... 17:05:25 lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig 17:11:03 bblfish has quit (Remote host closed the connection) 17:11:39 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 17:16:02 bblfish has quit (Ping timeout: 241 seconds) 17:23:20 bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig 17:31:33 Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig 17:35:54 timbl has quit (Quit: timbl) 17:41:24 Pipian-Work has quit (Quit: Pipian-Work) 17:57:54 timbl (~timbl@64.114.196.114) has joined #dig 18:06:04 lkagal has quit (Quit: lkagal) 18:09:31 timbl has quit (Quit: timbl) 18:18:17 timbl (~timbl@64.114.196.114) has joined #dig 18:18:51 bblfish, I can log to deiu 's cymba service with my rww-play webid 18:19:25 lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig 18:21:47 but deiu the "verify your webid" code doesn't seem to work fine for me 18:24:42 ( We had a few upgrages do rww-play, but the code on auth was not affected ) 18:25:13 so I was able to test it and indeed you can access my acl because it is written in the file. See curl -i -k https://bblfish.stample.io/card.acl 18:25:13 timbl has quit (Quit: timbl) 18:25:34 so the details of the reasoning is here: https://github.com/stample/rww-play/issues/112 18:27:32 timbl (~timbl@64.114.196.114) has joined #dig 18:28:53 timbl has quit (Client Quit) 18:29:13 Sebastien-L, deiu: I think it could be that deiu is not comparing the modulus character by character, and that my bblfish.net one is all upercase, while the stample one is lower case 18:29:20 s/not// 18:29:29 "he is comparing it char by char" 18:29:57 the modulus should be turned into a big integer in hex mode, then compared 18:30:49 ok, so I think I have come to the conclusion that wac:Control is now well thought through. I give reasons here https://github.com/stample/rww-play/issues/112 18:30:55 and I'll post it to the wiki 18:36:31 bblfish: I'm using sparql to compare modulus 18:36:49 yes, SPARQL are often bad at hex comparison 18:36:56 it says so in the spec :-) 18:37:04 WebID-TLS spec 18:37:52 I wrote an algorithm out for people with faulty SPARQL 18:37:56 in the spec too 18:40:10 Ok I updated the WAC wiki https://www.w3.org/wiki/index.php?title=WebAccessControl&diff=72354&oldid=72351 18:40:51 deiu: Sebastien-L solved the problem with how to get the header info. I think he's about to publish it 18:41:00 in rdflib.js 18:42:12 Nice 18:42:20 you may have to expose some headers on your server too btw 18:44:26 which ones? 18:44:59 deiu 18:46:56 zuzak (~zuzak@wikimedia/microchip08) has joined #dig 18:47:41 hehe deiu, Sebastien-L has allready opened an issue of rww-play integration with cymba https://github.com/stample/rww-play/issues/113 18:47:52 ok, I have to go back to Fontainebleau 18:47:58 Great 18:48:10 I'm really busy with some travel arrangements 18:48:14 we'll talk more soon 18:50:21 lkagal has quit (Quit: lkagal) 18:57:59 bblfish has quit (Ping timeout: 240 seconds) 19:08:23 Sebastien-L has quit (Ping timeout: 255 seconds) 19:46:12 deiu has quit (Ping timeout: 255 seconds) 20:00:51 deiu (~andrei@w3cdhcp71.w3.org) has joined #dig 20:00:51 deiu has quit (Changing host) 20:00:51 deiu (~andrei@unaffiliated/deiu) has joined #dig 20:12:42 RalphS has quit () 20:23:10 lkagal (~lkagal@pool-108-20-203-24.bstnma.fios.verizon.net) has joined #dig 20:47:55 deiu has quit (Ping timeout: 264 seconds) 20:59:12 deiu (~andrei@30-5-246.wireless.csail.mit.edu) has joined #dig 20:59:12 deiu has quit (Changing host) 20:59:12 deiu (~andrei@unaffiliated/deiu) has joined #dig 21:08:34 scor has quit (Quit: scor) 21:11:39 bblfish_ (~bblfish@AAubervilliers-651-1-232-137.w86-198.abo.wanadoo.fr) has joined #dig 21:19:50 DIGlogger, pointer? 21:19:50 See http://dig.csail.mit.edu/irc/dig/2014-03-13#T21-19-50 21:43:13 deiu has quit (Ping timeout: 240 seconds) 21:45:08 lkagal has quit (Quit: lkagal) 21:55:11 deiu (~andrei@w3cdhcp71.w3.org) has joined #dig 21:55:12 deiu has quit (Changing host) 21:55:12 deiu (~andrei@unaffiliated/deiu) has joined #dig 23:20:24 timbl (~timbl@S01060026f30545f7.vn.shawcable.net) has joined #dig 23:28:11 lkagal (~lkagal@pool-108-20-203-24.bstnma.fios.verizon.net) has joined #dig 23:42:52 timbl has quit (Quit: timbl)