W3C home > Mailing lists > Public > public-xg-webid@w3.org > May 2011

Re: WebID XG - semantic group profile.

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 20 May 2011 16:46:40 -0400
Message-ID: <4DD6D330.5070605@openlinksw.com>
To: public-xg-webid@w3.org
On 5/20/11 4:35 PM, Peter Williams wrote:
> I didnt understand any of this thread.
>
> I thought the whole point was that anyone could make a foaf group, 
> reference n URIs==webids, and thats it.

Yep! And that's actually it. Hence my: Linked Data comment :-)

>
> I thougt a fancier point was that the group elements might be a URI, 
> that either is or is the sameAs as a[distinct] webid. Thus, one can 
> ask for the members of a foaf group X who have webids, discarding the 
> rest.
>
> how, or why, or what the foaf group bind to, in acl terms, is a 
> different issue.

Correct.

I have old WebID based ACLs demos [1] where a number of WebIDs are 
associated with a foaf:Group to which ACLs apply.

Simple example:

1. I make a Calendar Data Space
2. I set ACLs scoped to the entire Calendar Data Space or a specific item
3. ACLs can be scoped to Group WebIDs or Individual WebIDs.


>
> Alll the thread poster was trying to do was specify a group. The 
> poster was not attempting to bind the group id to a set of acl entries.

Yes.
>
> one can then apply authentication policy, at the website guard. User 
> does SSL client authn, and guard requires webid to be on list (above), 
> before authz is even attempted. THis is the same as the directory 
> world then, in which one MUST prove one has done strong authentication 
> AND some issuer vouches for the keys' authenticity (in the underlying 
> foaf cards). The maintainer of that group is that very issuer.
>
> We have to disinguish between the authn guard (enforcing strong authn 
> policy), and the authz decision/enforcement points (based on some 
> authz logic, of which there are hundreds...)

Links:

1. 
http://lists.foaf-project.org/pipermail/foaf-protocols/2010-September/003706.html 
-- thread about the ACL demo which showcases WebID grouping via foaf:Group

Kingsley
>
>
>
> > Date: Fri, 20 May 2011 11:08:52 -0400
> > From: kidehen@openlinksw.com
> > To: public-xg-webid@w3.org
> > Subject: Re: WebID XG - semantic group profile.
> >
> > On 5/20/11 10:14 AM, Henry Story wrote:
> > > On 20 May 2011, at 15:59, Kingsley Idehen wrote:
> > >
> > >>> be needed would be a form where people who logged in with their 
> e-mail could also login with their webid to prove the equivalence.
> > >>>
> > >>> I am not sure if this is within what is feasible within the W3C 
> rules. So I am CC Coralie here.
> > >> To do this right, just make a 3 col google spreadsheet and then 
> share with the public. Use "<" and">" to handle reference values. 
> That's it.
> > > Well I am not sure I can publish the e-mails or sha1 sum of 
> members of this group anywhere let alone google. So the issue is to 
> deal with that first.
> >
> > I meant:
> >
> > Name and WebID.
> >
> > Also remember, mailto: URIs shouldn't be secrets in an S/MIME + WebID
> > world. You can actually verify signed emails using the aforementioned
> > hybrid protocol.
> >
> > > Also mailing list membership changes, so it would be good to have 
> the :webIDXG group be representative of people who are subscribed here 
> at a time. To do this it seems to me a perl cgi that transforms the 
> information from the list members can be quickly put together. The W3C 
> has web servers, so there is no need to ask Google to host this I 
> think. (Anyway I think Andrei Sambra was happy to host it).
> >
> > I just mean use a Google Spreadsheet as a Triple editor since you can
> > "Save As" to a location e.g. one that's mounted by WebDAV with
> > redirection into a Data Space (like a DBMS).
> >
> > > Having it machine readable in an RDF format is something that 
> would help us make some nice link to the linked data community and 
> test out some services.
> >
> > Well, as I've indicated a long time ago, using ACL protected data 
> spaces
> > is what we should be doing e.g. an ACL protected AddressBook that WebID
> > compliant.
> >
> > > And publishing proven WebIds would also be a good way of showing 
> how one can do distributed
> > > assurance. The file would make the assurance that the members are 
> part of this group.
> > >
> > > Finally the file is minimal. It is up to remote WebID users to 
> decide how much different services can learn about them.
> >
> > See comments above.
> >
> > It's not about files its about Linked Data :-)
> >
> > Kingsley
> > > Henry
> > >
> > >
> > > Social Web Architect
> > > http://bblfish.net/
> > >
> > >
> > >
> >
> >
> > --
> >
> > Regards,
> >
> > Kingsley Idehen
> > President& CEO
> > OpenLink Software
> > Web: http://www.openlinksw.com
> > Weblog: http://www.openlinksw.com/blog/~kidehen
> > Twitter/Identi.ca: kidehen
> >
> >
> >
> >
> >
> >


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen
Received on Friday, 20 May 2011 20:47:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 20 May 2011 20:47:04 GMT