Re: WebID Frustration

On 8/6/13 5:58 PM, Hugh Glaser wrote:
> Actually, this whole thing seems to me (I now realise) nothing to do with WedID per se.

WebID is just a moniker for an HTTP URI that denotes an Agent. It's more 
compact that saying "Personal HTTP URI" or "Agent HTTP URI" etc..

In addition, a WebID can be used with a variety of authentication 
protocols. The thinking behind the WebID+TLS protocol simply boils down 
to using TLS which is widely implemented across existing user agents.

> It is about creating and editing FOAF files.

Yes! It is basically a showcase for web-like structured data endowed 
with machine-comprehensible entity relationship semantics aka. RDF based 
Linked Data.

You have a local profile graph (persisted to your local keystore) and 
you have another published to a publicly acceptable location. Both 
graphs are comprised of identity oriented claims. The authentication 
protocol boils down to testing the degree to which the claims are 
mirrored, as the basis for trust.

If you open up the certificate used to sign my mails you'll notice a 
number of links. One example is 
<http://id.myopenlink.net/certgen/key/8758> which denotes the 
certificate's public key. You can follow-your-nose from there by 
clicking that link, as per usual.

Circa. 2013 we have storage services such as Dropbox, Amazon S3, Google 
Drive, Microsoft SkyDrive, Box.NET etc.., all of these can host a 
profile document that describes claims that mirror those stored in your 
local keychain hosted X.509 cert. You simply use the SAN slot to connect 
these profile documents via a WebID and the leave the rest to logic 
expressible in queries delivered over HTTP e.g., SPARQL ASK  :-)



-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen