Hi Henry
I was trying to understand the recent changes around webid authentication. I understand that the verification of WebId has been moved to the SSL layer to the http layer. A comment in X509TrustManagerWrapperService says: //At this level we just check if there are webids While FoafSslAuthentication says: /** * Here we no longer care about verifying the web-id claims as this should * already have been done by X509TrustManagerWrapperService */ I assume the second comment is outdated. I'm trying to understand the current working. I see the WebIDClain and X509Claim and theirs class description (scala-doc comments) seem almost identical. Which issue motivated the change of the layer for the WebId verification? Cheers, Reto
