IRC log of dig on 2014-03-13

Timestamps are in UTC.

00:21:22 [deiu]

deiu has quit (Quit: Leaving)

00:38:15 [mattl]

mattl has quit (Ping timeout: 265 seconds)

00:39:31 [mattl]

mattl (sid14229@gnu/mattl) has joined #dig

00:43:54 [scor]

scor (~scor@drupal.org/user/52142/view) has joined #dig

01:10:29 [scor]

scor has quit (Quit: scor)

01:16:02 [timbl]

timbl (~timbl@12.130.126.51) has joined #dig

02:13:31 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

03:02:48 [scor]

scor (~scor@drupal.org/user/52142/view) has joined #dig

03:33:16 [scor]

scor has quit (Quit: scor)

03:40:01 [timbl]

timbl has quit (Quit: timbl)

03:40:32 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

04:00:15 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

04:11:35 [timbl]

timbl (~timbl@12.130.126.51) has joined #dig

04:17:41 [slvrbckt]

slvrbckt has quit (Ping timeout: 265 seconds)

04:18:19 [slvrbckt]

slvrbckt (~nkj@xvm-166-244.ghst.net) has joined #dig

04:29:27 [timbl]

timbl has quit (Quit: timbl)

05:34:25 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

05:34:52 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

07:03:22 [bblfish]

bblfish has quit (Remote host closed the connection)

07:19:48 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

07:30:34 [cheater]

cheater (~cheater@p57AE8FC1.dip0.t-ipconnect.de) has joined #dig

07:33:19 [cheater_]

cheater_ has quit (Ping timeout: 245 seconds)

09:13:03 [Sebastien-L]

Sebastien-L (~sebastien@2a01:e35:8b47:7ab0:fdbb:483d:5ce7:9d82) has joined #dig

09:41:07 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

09:42:22 [bblfish_]

bblfish_ (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

09:45:37 [bblfish]

bblfish has quit (Ping timeout: 240 seconds)

10:43:33 [bblfish_]

bblfish_ has quit (Remote host closed the connection)

10:44:07 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

10:48:29 [bblfish]

bblfish has quit (Ping timeout: 240 seconds)

11:04:30 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

11:42:50 [Ralph]

Ralph (rswick@w3cvpn1.w3.org) has joined #dig

11:42:56 [Ralph]

Ralph is now known as RalphS

11:44:15 [DIGlogger]

DIGlogger (~dig-logge@groups.csail.mit.edu) has joined #dig

11:44:16 [dickson.freenode.net]

topic is: Decentralized Information Group @ MIT http://dig.csail.mit.edu/

11:44:16 [dickson.freenode.net]

Users on #dig: DIGlogger RalphS bblfish Sebastien-L cheater slvrbckt mattl melvster bergi sandro ericP betehess daniel-s1ith presbrey Yudai

11:44:25 [rszeno]

rszeno (~rszeno@79.114.100.130) has joined #dig

12:05:02 [scor]

scor (scor@drupal.org/user/52142/view) has joined #dig

12:43:54 [rszeno]

rszeno has quit (Quit: Leaving.)

12:54:46 [bblfish]

bblfish has quit (Remote host closed the connection)

12:55:15 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

12:55:21 [Yudai]

Yudai has quit (Ping timeout: 265 seconds)

12:59:29 [bblfish]

bblfish has quit (Ping timeout: 240 seconds)

13:09:44 [Sebastien-L]

Sebastien-L has quit (Ping timeout: 246 seconds)

13:10:44 [Yudai]

Yudai (~Yudai@nttkyo394152.tkyo.nt.ngn2.ppp.infoweb.ne.jp) has joined #dig

13:17:16 [deiu]

deiu (~andrei@30-5-246.wireless.csail.mit.edu) has joined #dig

13:17:16 [deiu]

deiu has quit (Changing host)

13:17:16 [deiu]

deiu (~andrei@unaffiliated/deiu) has joined #dig

13:23:34 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

13:37:20 [Sebastien-L]

Sebastien-L (~sebastien@2a01:e35:8b47:7ab0:fdbb:483d:5ce7:9d82) has joined #dig

14:42:12 [bblfish]

hi anyone here?

14:42:42 [bblfish]

@Sebastien-L had an interesting question with regard to WebAccessControl

14:43:55 [bblfish]

Currently when we do a GET on a resource we can find out in the Allow what other methods are allowed on the resource

14:44:45 [bblfish]

Sebastien-L, wants to show an ACL editing button, but only if the user has write access to the acl

14:45:18 [bblfish]

but he wanted to avoid doing an extra GET on the acl to see if he has Control access

14:46:27 [bblfish]

( which reminds me that I have not implemented Control correctly )

14:47:16 [bblfish]

I drew up a mapping between WAC and HTTP verbs https://www.w3.org/wiki/WebAccessControl#WAC_relation_to_HTTP_Verbs

14:47:28 [bblfish]

and there is no easy way to fit CONTROL in there.

14:52:47 [bblfish]

Still I suppse: one rule would be: one should not SHOW the acl if the user does not have READ permission on it.

14:53:27 [bblfish]

That should do. If he wants to see it, then the view should tell him if he can edit it...

15:00:38 [deiu]

also, it would be great if you could disable authentication for publicly readable/writable resources, since you're going to read the ACL policy before responding to the HTTP request

15:00:52 [deiu]

that would help with privacy

15:01:27 [bblfish]

but then a user who did not have read permission would not know what the resource was to which he should go to authenticate.

15:02:18 [bblfish]

oops deiu, just saw your two lines there

15:03:03 [Sebastien-L]

deiu, hello, normally in rww play i think the public resources doesn't ask for a cert

15:03:04 [bblfish]

well on rww-play we don't ask the user to authenticate on publicly readable resource

15:03:23 [deiu]

hey

15:03:39 [deiu]

btw, I'm working on a new WebID auth protocol that doesn't involve client certs anymore

15:04:04 [deiu]

I'll give more details once I make sure it's safe enough

15:04:05 [Sebastien-L]

the created card is now public (to make auth possible on other services) and it is accessible in read

15:04:12 [Sebastien-L]

ok

15:04:47 [bblfish]

ok, good luck. Btw, I posted a couple of items to the WebID mailing list on improvemetns to TLS that could come up...

15:04:52 [Sebastien-L]

deiu, don't you think instead of the Allow header returning http verbs it could be nice to have a header to give us the WAC modes available on a resource, according to the agent

15:05:37 [Sebastien-L]

it would then be possible if we have Control access on ACL, because the problem is that it can't be deducted from the http verbs of the current resource and needs an extra fetch

15:05:45 [deiu]

returning the WAC modes should only happen if the user has authenticated

15:05:57 [deiu]

btw, I'm in a call now, so can't talk much :(

15:06:29 [Sebastien-L]

we often want to know if we have control access, without necessarily the need to know the content of the acl file, so an extra fetch could be avoided

15:07:05 [Sebastien-L]

deiu, I think the WAC modes should be returned even if the user hasn't authenticated. We then return the public WAC modes available

15:07:38 [Sebastien-L]

for exemple a webid card generally needs to be public (so that the public key is available for auth)

15:07:44 [Sebastien-L]

while the owner has read/write access

15:08:02 [deiu]

yeah, it's ok if you're just returning public modes

15:08:09 [Sebastien-L]

so if some agent (potentially the card ownre) try to access the card without auth he would get READ

15:08:19 [djweitzner]

djweitzner (801e077c@gateway/web/freenode/ip.128.30.7.124) has joined #dig

15:08:22 [Sebastien-L]

and if the owner ask with auth he would get READ WRITE

15:08:27 [djweitzner]

hi all

15:08:30 [Sebastien-L]

if someone else ask with auth he would get READ

15:08:31 [Sebastien-L]

hi

15:09:00 [Sebastien-L]

yes deiu of course, we return the modes that apply to the current agent

15:09:00 [bblfish]

Sebastien-L: the tricky thing is that we want to avoid repeating all the Allow: headers all over again.

15:09:14 [djweitzner]

DIG weekly meeting starting

15:09:14 [deiu]

Sebastien-L, bblfish: we're going to use the channel for a meeting now

15:09:14 [Sebastien-L]

why

15:09:36 [Sebastien-L]

ok

15:09:48 [lkagal]

lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig

15:09:57 [deiu]

http://cimba.co - the Web app

15:10:36 [djweitzner_]

djweitzner_ (801e077c@gateway/web/freenode/ip.128.30.7.124) has joined #dig

15:10:38 [sharon]

sharon (801e06ae@gateway/web/freenode/ip.128.30.6.174) has joined #dig

15:13:33 [djweitzner]

djweitzner has quit (Ping timeout: 245 seconds)

15:21:15 [kkw]

kkw (~kkrasnoww@cpe-66-108-179-55.nyc.res.rr.com) has joined #dig

15:24:16 [bblfish]

deiu: here's an output on a public resource

15:24:24 [bblfish]

$ curl -k -I -H "Accept: text/turtle" https://bblfish.stample.io/card

15:24:24 [bblfish]

HTTP/1.1 200 OK

15:24:24 [bblfish]

Access-Control-Allow-Origin: *

15:24:26 [bblfish]

Allow: GET, HEAD

15:24:28 [bblfish]

Content-Type: text/turtle

15:24:30 [bblfish]

Accept-Patch: application/sparql-update

15:24:32 [bblfish]

Link: <http://www.w3.org/ns/ldp#Resource>; rel=type

15:25:06 [bblfish]

mhh missing the acl link...

15:38:17 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

15:41:26 [bblfish]

... tried logging into cimpa.co with my bblfish.net webid. It asked for certificate but then said "Authentication failed"

16:04:51 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

16:06:53 [djweitzner_]

djweitzner_ has quit (Ping timeout: 245 seconds)

16:13:16 [lkagal]

lkagal has quit (Quit: lkagal)

16:13:24 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

16:13:54 [kkw]

kkw has left #dig

16:15:13 [sharon]

sharon has quit (Ping timeout: 245 seconds)

16:18:32 [lkagal]

lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig

16:23:33 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

16:28:42 [timbl]

timbl (~timbl@64.114.196.114) has joined #dig

16:30:09 [lkagal]

lkagal has quit (Quit: lkagal)

16:33:46 [bblfish]

I added https://github.com/stample/rww-play/issues/112, implement wac:Control

16:34:18 [bblfish]

but this makes me realise there is a problem with that. It does not allow me to specify that I want the acl to be readable, but not writeable

16:36:21 [bblfish]

and this is in fact I believe very useful: such as when I want people to know that to comment somewhere they have to have been part of some group, say the dig:Group

16:36:56 [bblfish]

then people would know they have to instrive at MIT to be able to participate.

16:41:07 [bblfish]

I am not sure Control is needed. An acl file can just use itself as an acl file, by having a Link: <> rel=acl

16:49:50 [deiu]

bblfish: indeed, that's how I use it on rww.io

16:50:21 [deiu]

the policy for the acl file is defined in the same file

16:59:00 [bblfish]

I think I probably do that too.

16:59:03 [bblfish]

let me check...

17:05:25 [lkagal]

lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig

17:11:03 [bblfish]

bblfish has quit (Remote host closed the connection)

17:11:39 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

17:16:02 [bblfish]

bblfish has quit (Ping timeout: 241 seconds)

17:23:20 [bblfish]

bblfish (~bblfish@host.214.33.23.62.rev.coltfrance.com) has joined #dig

17:31:33 [Pipian-Work]

Pipian-Work (~Pipian@c-76-21-2-110.hsd1.ca.comcast.net) has joined #dig

17:35:54 [timbl]

timbl has quit (Quit: timbl)

17:41:24 [Pipian-Work]

Pipian-Work has quit (Quit: Pipian-Work)

17:57:54 [timbl]

timbl (~timbl@64.114.196.114) has joined #dig

18:06:04 [lkagal]

lkagal has quit (Quit: lkagal)

18:09:31 [timbl]

timbl has quit (Quit: timbl)

18:18:17 [timbl]

timbl (~timbl@64.114.196.114) has joined #dig

18:18:51 [Sebastien-L]

bblfish, I can log to deiu 's cymba service with my rww-play webid

18:19:25 [lkagal]

lkagal (~lkagal@30-6-209.wireless.csail.mit.edu) has joined #dig

18:21:47 [Sebastien-L]

but deiu the "verify your webid" code doesn't seem to work fine for me

18:24:42 [bblfish]

( We had a few upgrages do rww-play, but the code on auth was not affected )

18:25:13 [bblfish]

so I was able to test it and indeed you can access my acl because it is written in the file. See curl -i -k https://bblfish.stample.io/card.acl

18:25:13 [timbl]

timbl has quit (Quit: timbl)

18:25:34 [bblfish]

so the details of the reasoning is here: https://github.com/stample/rww-play/issues/112

18:27:32 [timbl]

timbl (~timbl@64.114.196.114) has joined #dig

18:28:53 [timbl]

timbl has quit (Client Quit)

18:29:13 [bblfish]

Sebastien-L, deiu: I think it could be that deiu is not comparing the modulus character by character, and that my bblfish.net one is all upercase, while the stample one is lower case

18:29:20 [bblfish]

s/not//

18:29:29 [bblfish]

"he is comparing it char by char"

18:29:57 [bblfish]

the modulus should be turned into a big integer in hex mode, then compared

18:30:49 [bblfish]

ok, so I think I have come to the conclusion that wac:Control is now well thought through. I give reasons here https://github.com/stample/rww-play/issues/112

18:30:55 [bblfish]

and I'll post it to the wiki

18:36:31 [deiu]

bblfish: I'm using sparql to compare modulus

18:36:49 [bblfish]

yes, SPARQL are often bad at hex comparison

18:36:56 [bblfish]

it says so in the spec :-)

18:37:04 [bblfish]

WebID-TLS spec

18:37:52 [bblfish]

I wrote an algorithm out for people with faulty SPARQL

18:37:56 [bblfish]

in the spec too

18:40:10 [bblfish]

Ok I updated the WAC wiki https://www.w3.org/wiki/index.php?title=WebAccessControl&diff=72354&oldid=72351

18:40:51 [bblfish]

deiu: Sebastien-L solved the problem with how to get the header info. I think he's about to publish it

18:41:00 [bblfish]

in rdflib.js

18:42:12 [deiu]

Nice

18:42:20 [deiu]

you may have to expose some headers on your server too btw

18:44:26 [bblfish]

which ones?

18:44:59 [bblfish]

deiu

18:46:56 [zuzak]

zuzak (~zuzak@wikimedia/microchip08) has joined #dig

18:47:41 [bblfish]

hehe deiu, Sebastien-L has allready opened an issue of rww-play integration with cymba https://github.com/stample/rww-play/issues/113

18:47:52 [bblfish]

ok, I have to go back to Fontainebleau

18:47:58 [deiu]

Great

18:48:10 [deiu]

I'm really busy with some travel arrangements

18:48:14 [deiu]

we'll talk more soon

18:50:21 [lkagal]

lkagal has quit (Quit: lkagal)

18:57:59 [bblfish]

bblfish has quit (Ping timeout: 240 seconds)

19:08:23 [Sebastien-L]

Sebastien-L has quit (Ping timeout: 255 seconds)

19:46:12 [deiu]

deiu has quit (Ping timeout: 255 seconds)

20:00:51 [deiu]

deiu (~andrei@w3cdhcp71.w3.org) has joined #dig

20:00:51 [deiu]

deiu has quit (Changing host)

20:00:51 [deiu]

deiu (~andrei@unaffiliated/deiu) has joined #dig

20:12:42 [RalphS]

RalphS has quit ()

20:23:10 [lkagal]

lkagal (~lkagal@pool-108-20-203-24.bstnma.fios.verizon.net) has joined #dig

20:47:55 [deiu]

deiu has quit (Ping timeout: 264 seconds)

20:59:12 [deiu]

deiu (~andrei@30-5-246.wireless.csail.mit.edu) has joined #dig

20:59:12 [deiu]

deiu has quit (Changing host)

20:59:12 [deiu]

deiu (~andrei@unaffiliated/deiu) has joined #dig

21:08:34 [scor]

scor has quit (Quit: scor)

21:11:39 [bblfish_]

bblfish_ (~bblfish@AAubervilliers-651-1-232-137.w86-198.abo.wanadoo.fr) has joined #dig

21:19:50 [bblfish_]

DIGlogger, pointer?

21:19:50 [bblfish_]

See http://dig.csail.mit.edu/irc/dig/2014-03-13#T21-19-50

21:43:13 [deiu]

deiu has quit (Ping timeout: 240 seconds)

21:45:08 [lkagal]

lkagal has quit (Quit: lkagal)

21:55:11 [deiu]

deiu (~andrei@w3cdhcp71.w3.org) has joined #dig

21:55:12 [deiu]

deiu has quit (Changing host)

21:55:12 [deiu]

deiu (~andrei@unaffiliated/deiu) has joined #dig

23:20:24 [timbl]

timbl (~timbl@S01060026f30545f7.vn.shawcable.net) has joined #dig

23:28:11 [lkagal]

lkagal (~lkagal@pool-108-20-203-24.bstnma.fios.verizon.net) has joined #dig

23:42:52 [timbl]

timbl has quit (Quit: timbl)