- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Tue, 14 Aug 2012 23:02:21 +0200
- To: Henry Story <henry.story@bblfish.net>
- Cc: "public-webid@w3.org" <public-webid@w3.org>, Read-Write-Web <public-rww@w3.org>
- Message-ID: <CAKaEYh+AtgsMNv3xhSSh-vHm=DQiqaNTYcu++twVDh5WWfqUgg@mail.gmail.com>
On 14 August 2012 13:11, Henry Story <henry.story@bblfish.net> wrote: > Of interest to both RWW and WebID group: > > Sebastian Tramp, Andrei Sambra, Philip Frischmuth, Michael Martin, Sören > Auer and I have submitted a paper entitled "Extending the WebID protocol > with Access Delegation" for the ISCW 2012, 3rd International Workshop on > Consuming Linked Data > > http://bblfish.net/tmp/2012/08/05/WebID_Delegation.pdf > > The paper has not been accepted yet, and the review process will very > likely allow us to revise parts of it. But the review process can start > here already. Feedback, ideas and implementations are welcome :-) > > More pointers on the wiki > > http://www.w3.org/wiki/WebID/Authorization_Delegation#External_pointers > Very interesting paper. I've read through it once, though suspect I'll be reading it again. Thanks for putting this together. One issue that stands out is fine grained permissions. When I think of delegated authentication, probably the most common (and perhaps) useful example is giving a 3rd party app (e.g. a game) permission to do something somewhere else. Example: I've installed a game on my favourite social network and have completed a quest. The game wishes to perform a SPECIFIC action such as posting to my wall, that I've achieved something, and allowing other of my friends to gain a reward (thus growing the game virally). It seems with the approach above that the 3rd party app would have complete control. Have you thought about how it would be possible to allow fine grained access? > > Sincerely, > > Henry > > Social Web Architect > http://bblfish.net/ > > >
Received on Tuesday, 14 August 2012 21:02:50 UTC