W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: WebFinger and WebID

From: Henry Story <henry.story@bblfish.net>
Date: Mon, 18 Apr 2011 23:52:12 +0200
Cc: public-xg-webid@w3.org
Message-Id: <E3118058-36B0-4CFE-8276-78231BA58EEE@bblfish.net>
To: Harry Halpin <hhalpin@w3.org>

On 18 Apr 2011, at 23:35, Harry Halpin wrote:

> Every name is a URI if you look at it right :)
> 
> To give WebID a chance of really taking off, perhaps we should think of using e-mail addresses as ways to "boostrap" to full URIs via WebFinger, looking at *any possible* way to get a Web of Trust implemented on top of certs.
> 
> That's why I think WebID should be as minimally constraining as possible at this stage. Then see what traction we can get using various approaches. RDFa is taking off, so its very possible that RDFa might be the way, and that way should definitely be detailed in the spec.
> 
> Lot of companies have also deployed WebFinger. So, I'd detail both ways of getting to the list of contacts at this stage in the spec, get working demos using both WebFinger+XRD+Poco (with GRDDL from Poco XML -> FOAF as needed) and RDFa+FOAF, and see how the landscape matures over the next few months.
> 
> While I admit the WebFinger approach does involve many more steps (and thus concerns for security), it does have the *possibility* maybe of allowing one to see an already existing Web of Trust for certs over say, Gmail users and their Gmail contacts. I haven't done the numbers though...but my feeling is that is an angle that might get the non-SemWeb crowd interested *very* quickly.

Harry, its ok to try to be as compatible with every possible solution, but we are human and don't have an infinite amount of time either. So we are trying to prioritise our work here.  

Adding e-mail addresses, or rather account schemas is not something we have ruled out, and I don't think we should, in fact I like the idea. Just as we have not ruled out any format. But at the same time it makes sense to get thing to interoperate between the installations we currently have. So I think by the time of the Berlin meeting if we can get the current systems of http/http (ftp/ftps?) urls documented then we can show interaction. After that we can move one step at a time to to these other protocols and isseus.

Why is it important to be able to test our implementations? Because:
 - it brings to light issues that are not visible without (as we recently discovered with the certificates that were not working on Apache)
 - it makes us work together and show the real value of WebID which we cannot show if we don't have interoperable software
 - once tests are automated we can move the discussion off the list and to the robots
 
To bring in other schemes is going to bring up a lot of questions and discussions which won't make it possible for us to get past stage 0 of interoperability. This is the same in the Federated Social Web group: they did not start with 100 different 1: swat0. So I'd like us to get swat0 working here first. At any rate I don't have the bandwidth to implement an accnt scheme and so in the next month.


Henry

Social Web Architect
http://bblfish.net/
Received on Monday, 18 April 2011 21:52:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:24 UTC