- From: Henry Story <henry.story@bblfish.net>
- Date: Mon, 12 Nov 2012 21:48:06 +0100
- To: ashok.malhotra@oracle.com
- Cc: Andrei SAMBRA <andrei.sambra@gmail.com>, public-ldp-wg@w3.org
- Message-Id: <902BA030-0B78-41F2-8B10-01DFA2A7FB50@bblfish.net>
On 12 Nov 2012, at 14:20, Ashok Malhotra <ashok.malhotra@oracle.com> wrote: > Hi Andrei: > I have started a Wiki page on access control: > http://www.w3.org/2012/ldp/wiki/AccessControl#Access_Control > Please take a look. This may not cover what you want so please send feedback. > All the best, Ashok Thanks Ashok. I agree with Andrei and Kingsley that Access Control is essential to building distributed Linked Data Apps. Luckily Access Control is orthogonal to LDP, so that they need not step on each others toes: which would be problematic as Identity and Access Control have a lot of stockholders that often seem to be very antagonistic. What we need to do is fill in the use cases on Ashok's Access Control wiki. On the WebID/RWW Community groups we are organising a regular meeting for those who wish to implement Tim Berners Lee's WebAccessControl system referred to by http://www.w3.org/2012/ldp/wiki/AccessControl#W3C_WebAccessControl . I will send another e-mail out soon here, to see if the time we have chosen is one that would allow members of the LDP group to participate. I will also try to start writing up in the WebID community group a spec about Identity interoperability, to show how one can get different identification mechanism - OpenId, BrowserId, ... WebID over TLS - to work together with the an LDP friendly system such as the WebAccessControl ontology . In my view if one looks at this from the logical point of view ( ie semantically ) we can make a lot of what seemed like insurmountable problems disappear or fade away. This does not mean that there is nothing to do: just showing that these systems all can work together will be a major breakthrough, just as it was a major breakthrough in physics to show that Hesperus and Phosphorus - the morning star and the evening star - were both the same star: Venus. So for the time being building up the use cases on the wiki is going to be very important as it is a deliverable for this WG to publish a note on this subject - an essential one since it is true that one cannot build very interesting systems without taking access control into account. > > On 11/11/2012 9:04 PM, Andrei SAMBRA wrote: >> Dear all, >> >> I would like to start by admitting that I might be asking a question that has already been answered. I have tried looking for this topic on the mailing list archive, but I was unable to find any relevant information. >> >> I have recently begun implementing the current LDP spec, and I find myself at the point where I need to add access control to LDP operations and resources/containers. However, there is no mention in the current spec draft about any kind of access control. While I understand why some of you may be against discussing AC at this point, I can't stop asking myself why there is no effort of adding it by design, instead of a future feature. >> >> I know that mentioning access control at this point in the spec implies opening the Pandora's box with all its issues (not the least being the lack of a proper definition for identity in general). I suppose my _personal_ point here is that access control should be a fundamental part of LDP, unless LDP will only be used in the public domain. >> >> I believe some (many?) of you are probably familiar with WebID. As an active member of the WebID CG, I hope that we can find common ground between LDP and WebID, leading to a proposal on how access control can be achieved in LDP. The reason I mentioned WebID is that following recent discussions at TPAC, we have come to agree on a WebID definition that decouples the identity part from the authentication part, potentially leading to WebID over (TLS, OpenID, BrowserID, etc..). By abstracting the authentication part, LDP can instantly take advantage of WebID's _identity_ part. >> >> I am sure that access control is far from being the main priority of the LDP WG at this point, so I would like to propose that those of us interested in access control could at least try to build a wiki page that would serve as a basis for future work. >> >> Please accept my apologies if this subject has been discussed already, as well as for the length of this email. I have recently started getting involved in LDP, and I haven't had the time to go over the minutes for all the previous teleconfs, though I am catching up with the mailing list discussions. >> >> Best wishes, >> Andrei Sambra (MyProfile) > Social Web Architect http://bblfish.net/
Attachments
- application/pkcs7-signature attachment: smime.p7s
Received on Monday, 12 November 2012 20:48:40 UTC