Re: Should WebIDs denote people or accounts? from Kingsley Idehen on 2014-05-19 (public-webid@w3.org from May 2014)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 19 May 2014 08:15:11 -0400
To: public-webid@w3.org
Message-ID: <5379F5CF.2020509@openlinksw.com>
On 5/18/14 9:09 PM, Timothy Holborn wrote:
> I'm rather sure the problems can be solved by providing a WebID 
> ontology, that supports a range of binding mechanisms for WebID-TLS 
> (including current fixed:foaf methods).

For ACLs you need an ACL Ontology.

Kingsley
>
> With the exception of the use of the term "agents" (which I relate to 
> foaf definitions / use of the term) the spec is well designed [1]. 
>  Perhaps whether agent means person or legal entity (for which the 
> identity instance applies) could be considered.
>
> I'm pleased it's been discussed more, at length.  Clearly, it seems, 
> some ideologies are getting in the way of w3 standard that could be 
> more engaging for more people.
>
>
> Timh.
> [1] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index.html
> Sent from my iPad
>
> On 19 May 2014, at 10:40 am, Sandro Hawke <sandro@w3.org 
> <mailto:sandro@w3.org>> wrote:
>
>> On 05/18/2014 08:17 PM, Kingsley Idehen wrote:
>>> On 5/18/14 4:31 PM, Sandro Hawke wrote:
>>>> On 05/18/2014 01:59 PM, Nathan Rixham wrote:
>>>>> I'd suggest that this is not a technical problem and cannot be 
>>>>> addressed this way.
>>>>>
>>>>> When you add reasoners in to the mix they can quickly determine 
>>>>> that typographically different (personas/agents/uris) refer to the 
>>>>> same thing, whatever approach is used.
>>>>
>>>> Not true.   They might quickly determine that two personas are 
>>>> managed by the same person, but that is not the same as determining 
>>>> that the two personas are the same thing.
>>> Only if you provide the information that makes that feasible.
>>>
>>>>
>>>> Computers are perfectly capable of keeping track of my having 
>>>> multiple distinct mailing addresses, multiple distinct phone 
>>>> computers, multiple distinct phone numbers, etc.   They know they 
>>>> belong to the same person, without getting confused and thinking 
>>>> actually each of my mailing addresses is the same or each of my 
>>>> android devices is the same.   If they did, I couldn't exactly 
>>>> label one as being home and one as being office, or install some 
>>>> apps on one android device and not on another.
>>>>
>>>> This is not hard to solve - we just have to be clear that what's 
>>>> being authenticated and authorized is a persona/account, not a human.
>>>
>>> And why do you believe that:
>>>
>>> 1. WebID isn't clear about being an Identifier that denotes an Agent?
>>>
>>> 2. That WebID-Profile Documents aren't RDF documents that describe 
>>> the referents of WebIDs (i.e, they are Identity Cards) ?
>>>
>>> 3. That WebID-TLS isn't about authenticating the claims in the 
>>> WebID-Profile document ?
>>>
>>>>
>>>> Unfortunately, this doesn't match WebID's self-conception, so far.
>>> Only if you are conflating WebID [1], WebID-Profile [2], and 
>>> WebID-TLS [3], which is still a general problem we have with the 
>>> term: WebID.
>>>
>>
>> I'm fairly confident I know what those terms mean.  I talked to folks 
>> coming out of the meeting where WebID-TLS was split from WebID, in 
>> Lyon, and got the story at the time.
>>
>>> WebID is simply an identifier that denotes an Agent. WebID-Profile 
>>> is a profile document that describes what a WebID denotes.
>>> WebID-TLS is an authentication protocol that verifies the claims 
>>> made in a WebID-Profile document or Identity Card.
>>>
>>> Could it be that you are indicating to the spec editors that some 
>>> organizational issues exists re., layout and overall presentation? 
>>> if that's your concern, then I can certainly see where you might be 
>>> coming from etc..
>>>
>>
>> That was my hope when I started this threat, but that hope has died.
>>
>>> Links:
>>>
>>> [1] 
>>> http://www.w3.org/2005/Incubator/webid/spec/identity/#the-webid-http-uri
>>
>> The diagram is very clear that the WebID denotes the person.
>>
>> You have also been very clear about that in your emails.
>>
>> Since the WebID is also what the user authenticates as, and what 
>> authorization is granted to, in the systems I've seen, that means the 
>> unit of authentication and authorization is the person.
>>
>> That's not acceptable to me as a user, and I think many other users 
>> will also find it unacceptable.
>>
>> I don't see how we can expect to build mass-market systems using 
>> WebID until this is changed.
>>
>>       -- Sandro
>>
>>> [2] 
>>> http://www.w3.org/2005/Incubator/webid/spec/identity/#publishing-the-webid-profile-document 
>>>
>>> [3] http://www.w3.org/2005/Incubator/webid/spec/tls/
>>>
>>>>
>>>>      -- Sandro
>>>
>>>
>>
>>


-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Monday, 19 May 2014 12:15:34 UTC