W3C home > Mailing lists > Public > public-xg-webid@w3.org > August 2011

Re: How can users protect their foaf profile

From: Thomas Fritz <fritztho@gmail.com>
Date: Wed, 31 Aug 2011 15:54:23 +0200
Message-ID: <CAA1jL=pBKg5RYUnjjCnummOt6PA43J48F_vTiwRF4at4Z5idaQ@mail.gmail.com>
To: Henry Story <henry.story@bblfish.net>
Cc: WebID List <public-xg-webid@w3.org>
Hi

2011/8/31 Henry Story <henry.story@bblfish.net>:
>
> On 31 Aug 2011, at 13:08, Thomas Fritz wrote:
>
>> Hi
>>
>> How can users protect their foaf profile so it is not publicly
>> available to everyone.
>> How can this be implemented so, i as the profile owner, can select
>> which data i want to give to the authentication site.
>>
>> In all diagrams there is the assumption that the foaf profile can
>> publicly accessed.
>
> In the diagram the WebId Profile is publicly accessible. It can point to another resource that is access controlled, and returns different representations given the WebID of the user accessing it. Think Facebook but with WebID.

When you say access controlled. What kind of access control do you
think of? It has to be on the foaf profiles server in my opinion
because otherwise one could just ignore it and retrieve the whole foaf
profile. So, i think it is a must that this process of data approval
for the requesting site has to be delegated to the foaf profiles
server. Similar to OpenID.

>
> The http://www.w3.org/wiki/WebAccessControl ontology could be used to make the access control restrictions machine readable, but that is not needed to get going.
>
> The http://www.w3.org/community/rww/ may be the w3c community to discuss that in more detail.
>
> Henry
>
>>
> Social Web Architect
> http://bblfish.net/
>
>
>



Regards

---
Thomas FRITZ
web http://fritzthomas.com
twitter http://twitter.com/thomasf
Received on Wednesday, 31 August 2011 13:55:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 31 August 2011 13:55:12 GMT