W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

RE: the openid para

From: peter williams <home_pw@msn.com>
Date: Thu, 28 Apr 2011 09:41:03 -0700
Message-ID: <SNT143-ds14AF789B89BEFAEEBE1E0B929B0@phx.gbl>
To: "'Henry Story'" <henry.story@bblfish.net>, <nathan@webr3.org>
CC: "'Dan Brickley'" <danbri@danbri.org>, <public-xg-webid@w3.org>

Stop working a APIs and code. Just adopt the web services.

Or are we still grinding our teeth that the term web services made it into
the paper? It almost legitimized them, and made us sound connected to the
rest of the web. Next, we will be wanting probably to secure those
webservices, no?

Lets refocus on the most semweb webservice of all: do client authn using
webid to sparql endpoints, starting with virtuoso. Then, we have a nice
setup so a user can access resource server, that behind the scenes accesses
a sparql data service impersonating the user. The underlying use case is on
our agenda, after all. For all I know, Kingsley already has a canned sparql
query ready to be called, that computes a friends chain between 2 webid
URIs, and returns them in a result-set, to help drive an authorization
enforcement engine in a web app.


-----Original Message-----
From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
On Behalf Of Henry Story
Sent: Thursday, April 28, 2011 7:53 AM
To: nathan@webr3.org
Cc: Dan Brickley; peter williams; public-xg-webid@w3.org
Subject: Re: the openid para


On 28 Apr 2011, at 15:18, Nathan wrote:

>> 
>> WebID stands on its strengths. And in some cases, being able to fall 
>> back to OpenID (eg. from the certless cybercafe PC scenario) is more 
>> appealing than messing around using a password to install (and then
>> remove) a transient WebID cert on an uknown PC.
> 
> This is probably our biggest issue, we need to do something abotu that
fast, cert management is a huge PITA - my cert expired last week, I use it
for loads of things (use the keys from it for github, w3c cvs, my own svn
stuff, dav servers etc) this thing expiring is a really big problem at the
minute, and the levels of pain it's going to take to re-issue the the cert
with the same keys is not something my mum could manage.

Yes, that is the nice thing about WebID cert management. If github and w3c
and svn allowed you to use a WebID cert then even your C++ programming mum
could in the click of a button get a new workable cert :-)

Henry


Social Web Architect
http://bblfish.net/
Received on Thursday, 28 April 2011 16:41:31 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:24 UTC