At last week’s Solid Community Group Meeting I gave a demo of a Spider crawling access controlled #LDES data published on my Reactive-Solid server. I demonstrate this with HTTPSig authentication showing that this is pretty much as close to the most efficient we could get. I show the sequence diagram and the packets going on the wire in this recording:
Tim Berners-Lee during the call suggested that it could be perhaps even more efficient if the server returned the Web Access Control Rules with a 401. That is interesting. We would need to find a way to make it also work with Caches: as we really want the local cache to know where the default rule is located (in which container), so that future authenticated requests can sign the content before even hitting a 40x…