Re: Use Cases and Requirements document for WebID from Henry Story on 2012-12-13 (public-webid@w3.org from December 2012)

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 13 Dec 2012 12:19:49 +0100
To: nathan@webr3.org
Cc: Alexandre Bertails <bertails@w3.org>, public-webid Group <public-webid@w3.org>
Message-Id: <11D61B91-BA2B-45B4-B841-B61FD17FFE01@bblfish.net>
[removed read-write-web]

Hi Nathan,

  I think Alex put that together quite quickly ( and I think he's really busy 
writing W3C validators right now ), so we'll need to do a bit of interpretation
of what he intended, trying to use the principles of charity as far as possible
( ie. don't make the person you are interpreting say something nonsensical )

On 11 Dec 2012, at 17:29, Nathan <nathan@webr3.org> wrote:

> Henry Story wrote:
>> Use-Cases:
>> 	• referring to one's identity
> 
> "one's"? are we excluding machine agents?
> 
> I'd love to go in to detail about referring to the identity of a thing, but will simply propose this is swapped to "providing a reference to an agent", or words to that effect.

yes. good point. 

Perhaps:

"For any Agent A with a WebID w, w must globally refer to A".

I would add:

"For any Agent A with a WebID w, w must globally refer to A, and the meaning of w must
be discoverable from the name w alone, such that it can be determined that w refers to A"

ie. we want the meaning of the term w to be defined so that it does not require 
backchannels to grasp the meaning.

I feel like adding "in a Linked Data Space", but I suppose LDP below takes care of that.

> 
>> 	• WebID-based authentication
>> 	• WebID-based authorization
> 
> WebID-compatible, or WebID-based?

My guess is that 

"Given that Agent A uses WebID W, W MUST be useable for Authentication and for Authorization of A".

In any case those are core use cases.

> 
>> Requirements:
>> 	• one MUST be able to change one's WebID
> 
> well... we MUST be able to have multiple WebIDs, and have a preferred or canonical one, the notion of "changing" is a bit strange within the timelessness of RDF.

Again you are right. There seem to be a few subtopics here:

 1. Allow any Agent A to have n number of WebIDs, where n>=0
 2. If an Agent A is widely known to have identity w, allow a method of transition from w to a 
    new identifier w2, such that the network of trust built up on w can be transferred to w2

So that seems to give us another use case:

   • distributed trust or linkability

> 
>> 	• one MUST distinguish a WebID (a simple URI for a Web Resource) from a WebID Profile (the Web Information Resource). This SHOULD not rely on dereferencing.
> 
> Can we keep this to MUSTs and not SHOULDs.

I think one can keep 
   • one MUST distinguish a WebID (a simple URI for a Web Resource) from a WebID Profile

The "SHOULD not rely on dereferencing" part would clearly be a conclusion to be reached in some
other way, but as an initial requirement it seems to need justification, or else we just pushed the
303 debate into the requirements.


> 
>> 	• the system MUST take efficiency into account
> 
> Which system? and efficiency of? (Network, Implementation, Inference and Querying?)

  I suppose architectural efficiency. This is an engineering structure we are putting in place
not a logical/mathematical one, so yes. This seems more like a selection principle when confronted
with a number of possibilities.

> 
>> 	• the system MUST not introduce any incompatibility with LDP, especially for Write operations
> 
> the "especially for.." is redundant.

  agree, this can be:

  • the system MUST not introduce any incompatibility with LDP

But that's not that interesting. I think much more interesting is a use case that
( I am not so keen on MUST and should .... )

  • creation of account and WebID using LDP 
  • edit attributes using LDP - this is key differentiator with say OpenId Attribute Exchange
  • restrict access to attributes of the user profile ( be able to do this with LDP )
  • use WebID to protect any LDP resource
  

> 
>> 	• the Web Profile MUST define a default representation format
> 
> can we define "the Web Profile" here, what is it, and how does it define a default for itself?

I think he meant WebID Profile, and that is already defined in the spec. Otherwise one could 
define it as the meaning that is associated with the URI.

I think that the previous point gets us there, since LDP does define a default representation.

> 
>> 	• the system SHOULD considerer legacy WebIDs (or FOAF/SSL) whenever possible
> 
> please define legacy WebIDs here and swap it to a MUST or remove completely.

There seems to be a number of different things here, but I still think this would be very useful to
put together. At TPAC I had someone mention use cases for TV and Web. I think we'll get some more interesting ones as we fill up the wiki page.

Henry

> 
> Cheers,
> 
> Nathan




A short message from my sponsors: Vive la France!
Social Web Architect
http://bblfish.net/
Attachments

application/pkcs7-signature attachment: smime.p7s
Received on Thursday, 13 December 2012 11:20:34 UTC