New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update readme WebID_TLS Section #221
base: main
Are you sure you want to change the base?
Conversation
perploug
commented
Oct 30, 2018
- Remove reference to databox as it is being retired
- Moved the Firefox compatibility up front
- Changed wording and sentences so it flows more natural with the above changes
- Remove reference to databox as it is being retired - Moved the Firefox compatibility up front - Changed wording and sentences so it flows more natural with the above changes
@perploug Is that you? 😮 (Umbraco, 10 years ago?) |
@RubenVerborgh Haha yeah it is :) Still remember the umbraco retreat and your work on the datalayer, good times! |
databox should not be retired, just not accepting new registrations It is in use |
Yeah, but since this is a section titled "Get a WebID", it would be reasonable to accept the patch, wouldn't it? |
Retired or not retired, just make up your mind :) - since https://databox.me/ states the exact phrase "Databox.me is being retired" - that is what I assume is the case. |
README.md
Outdated
@@ -183,10 +183,9 @@ identity provider, such as (2018/2) [solid.community](https://solid.community/), | |||
|
|||
#### WebID_TLS | |||
|
|||
A WebID profile from one of the Solid-compliant [identity providers](https://solid.github.io/solid-idps/), such as [databox.me](https://databox.me/), | |||
WebID-TLS currently only works in Firefox at the moment (Oct 2018) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@perploug Yeah I noticed that Chrome didn't give me the popup anymore lately. Would that still be possible behind a flag?
@melvincarvalho @timbl @kidehen You are client certificate users, what browser(s) work(s) for you?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are no browser specific issues that impede my use of WebID-TLS. It just works :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@perploug But it didn't work for you in other browsers?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I use TLS certs to log in to with chrome, and this still works for me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I use WebID-TLS on chrome and firefox. No issues here either.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't use the WebId-TLS option as there is it apparently not supported on the solid.community pods (I seem to recall a comment that this option was being deprecated)
The reason the firefox comment is in there is because it was there before, I just moved to the beginning of the sentence - but based on your comments it seems it can be removed all together - will update the PR
And to confirm I do get prompted for a certificates on Osx Chrome and firefox.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WebID-TLS has always been the primary login system for solid. It is not deprecated. The plan is to support it on solid.community in future. But code needs to be there first.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@melvincarvalho okey - that clears things up a bit - is there any provider which supports WebID-TLS? otherwise I think that should be part of the documentation that users cannot currently expect this functionality
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
databox is the provider that supports WebID-TLS, but it doesnt yet support WebID-OIDC
There is in theory a way where you wrap WebID-TLS inside WebID-OIDC, which also works today, or should work today.
However, by nature the TLS is more secure because it involves two parties, and OIDC is less secure because it requires a trusted third party. On the other hand, the trusted third party has a good network effect today, due to the nature of large email and identity providers.
Over time, it would be good for both protocols to be supported. That was the design aim, but we are not there yet.
Perhaps it should say "databox.me is now not accepting new users, please use..."? |
Sounds good! Hopefully if gold gets some more development, ie to include the popup in the databrowser, we can switch on users again. |
It seems all browsers now support tls, so removing this
What's the status here? |