Re: How can users protect their foaf profile from Henry Story on 2011-08-31 (public-xg-webid@w3.org from August 2011)

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 31 Aug 2011 16:21:27 +0200
To: Thomas Fritz <fritztho@gmail.com>
Cc: WebID List <public-xg-webid@w3.org>
Message-Id: <B6B2DAF1-3D0F-461B-A982-249E19132159@bblfish.net>

On 31 Aug 2011, at 15:54, Thomas Fritz wrote:

> Hi
> 
> 2011/8/31 Henry Story <henry.story@bblfish.net>:
>> 
>> On 31 Aug 2011, at 13:08, Thomas Fritz wrote:
>> 
>>> Hi
>>> 
>>> How can users protect their foaf profile so it is not publicly
>>> available to everyone.
>>> How can this be implemented so, i as the profile owner, can select
>>> which data i want to give to the authentication site.
>>> 
>>> In all diagrams there is the assumption that the foaf profile can
>>> publicly accessed.
>> 
>> In the diagram the WebId Profile is publicly accessible. It can point to another resource that is access controlled, and returns different representations given the WebID of the user accessing it. Think Facebook but with WebID.
> 
> When you say access controlled. What kind of access control do you
> think of? It has to be on the foaf profiles server in my opinion
> because otherwise one could just ignore it and retrieve the whole foaf
> profile.

well yes of course. Just as it is Facebook that controls who can see what when you go to
http://facebook.com/bblfish depending on who it is who is connecting.


> So, i think it is a must that this process of data approval
> for the requesting site has to be delegated to the foaf profiles
> server. Similar to OpenID.

yes. 
If you look at the UML diagram 
http://www.w3.org/2011/identity-ws/papers/idbrowser2011_submission_22/webid.html

you will see that this is what we describe in step 7 and 8

Henry

> 
>> 
>> The http://www.w3.org/wiki/WebAccessControl ontology could be used to make the access control restrictions machine readable, but that is not needed to get going.
>> 
>> The http://www.w3.org/community/rww/ may be the w3c community to discuss that in more detail.
>> 
>> Henry
>> 
>>> 
>> Social Web Architect
>> http://bblfish.net/
>> 
>> 
>> 
> 
> 
> 
> Regards
> 
> ---
> Thomas FRITZ
> web http://fritzthomas.com
> twitter http://twitter.com/thomasf

Social Web Architect
http://bblfish.net/

Received on Wednesday, 31 August 2011 14:21:59 UTC