W3C home > Mailing lists > Public > public-xg-webid@w3.org > November 2011

Re: henry and code

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 17 Nov 2011 07:04:33 -0500
Message-ID: <4EC4F851.3010606@openlinksw.com>
To: public-xg-webid@w3.org
On 11/16/11 10:16 PM, Peter Williams wrote:
>
> If I simply run virtuoso, or were to build a plugin for it, or use its 
> endpoint's validation service (that I know you built, trying to 
> accomodate me and my desire to have a really simple technology that 
> fits first year visual basic programmers), I doubt it would count as  
> "my" implementation.  I think folks want to see code that others can 
> reuse.

Virtuoso is a multi-purpose server that implements a plethora of 
protocols. On the Windows platform you can see it as an IIS + SQL Server 
combo++ . It is available in open and closed source editions. None of 
this is operating system specific. Thus, you can use it on Windows if 
you choose.

In your case, which is fine, you want to write this using .NET or PHP  
with IIS as the HTTP server. That's all fine too.

>
> Now, there are 15 other implementations to review, too. so I see what 
> everyone else has done. I can compare and contrast these. Ill write it 
> all up on my blog site, as I find them. I can soon assess the 
> maturity, if they are in source. Ill be as critical as I can, so we 
> can see what its true and what is hype. Ill try to match the third 
> quartile, in demonstrability of what the webid spec actually says. 
> Hows that?

Fine.

>
> So, I start; it should be fun doing this tonight - seeing what .NET 
> 4.0 and MVC 4.0+ offer that the world of .NET 3.5 didnt, in the world 
> of the semantic web (and webid related topics, specifically). The 
> world of websso in windows has gone from prototypes to mainstream in 
> that time. TLS 1.2 has matured a lot, too, and we can see if the 
> windows native platform programmer has anything to leverage with now 
> that was unavailable back then, in the SSL socket arena.
>
> I think the criteria of what constitues a "webid" implementation (vs a 
> semantic web "application" that happens to exploit webid 
> authentication events)  is that the webapp offers endpoints that 
> implement the REST verbs exclusively (per the true semantics), seeks 
> and handles inbound self-signed client certs using only TLS 1.0, 
> de-references the URI within, pulls the resouce using caching headers 
> and can work with a client side cache, parses and handles the (cached) 
> graph identified by the URI, and then locally performs the spaql query 
> folks taught me to do here (updated for some new terms in the syntax).

Yes, perform the lookup which for SPARQL is an implementation detail. 
The important thing is performing a lookup via graph traversal en route 
to matching WebID to claims in the X.509 based security token. 
Currently, standard implementations go for the public key components of 
the x.509 cert. In our case, we also add the ability to simply lookup 
the fingerprint of the x.509 since we want AtomPub blogs, Tweets, 
Facebook posts etc.. as part of the IdP mix.

> Ive understood that I AM ALLOWED session cookies, and that 
> webid-powered site now has the notion of a loggedin/loggedout "state".
>
> If I can make an ASP.NET site interact with webid-powered users, it 
> seems useful to then make that site interact then with an IIS-hosted 
> joomla - where I have already leveraged (using my rapidly improving 
> php skills) an assertion handling framework that allows a session 
> minted on A site to auto-mint a session on B.
>
> Would making joomla appear to be webid-powered (when hosted on 
> windows) count as a useful contribution, though?

Yes.

> My thoughts are that once joomla works, drupal would follow easily 
> afterwards, since the techniques Im using to mint user sessions on 
> joomla are largely the same as are found in the drupal world.
>
> I think its great the smenatic web has adopted sessions. Now lots of 
> session management technologies can be used to mint them, manage them, 
> etc - gated by the webid authentication controls.

Yes.

Kingsley
> ------------------------------------------------------------------------
> Date: Wed, 16 Nov 2011 21:32:30 -0500
> From: kidehen@openlinksw.com
> To: public-xg-webid@w3.org
> Subject: Re: henry and code
>
> On 11/16/11 8:43 PM, Peter Williams wrote:
>
>
>
>     I really ought to ask:
>     does anyone have an EXISTING source implementation of webid
>     relying party that runs on windows (AND is built using native
>     microsoft technologies).
>     Running virtuoso on linux in a vmware linux emulator... does NOT
>     count.
>
>
> Virtuoso is a cross platform product. It runs natively on Windows, Mac 
> OS X, Linux, Solaris etc.. That's how we roll :-)
>
>     Running a POSIX process under cygwin similarly does NOT count.
>     If not, there is obviously a major hole in this implementation
>     community.
>     If someone has a joomla controller/plugin/module for joomla tuned
>     to webids, also let me know. We have joomla running under IIS on
>     Windows, finally.
>
>
> Virtuoso is also a serious .NET host, a few moons ago, it included 
> Mono hosting when we assumed Novell and co. would actually make 
> something of cross platform .NET.
>
> We are not a covert Linux only play. Neither are we a so called Open 
> Source Stack play. Virtuoso is about real platform independence.
>
>
>     Is there a updated foaf.me certificate issuing site which produces
>     a XML graph with the VERY latest syntax for the webid statements?
>     Is there an updated mywiki certificate issuing site, which
>     produces an RDFa serialized graph (with the very latest...syntax)?
>     Its obvious that my experiments to host XML files with RDF graphs
>     on cloud file servers, and then RDFa XML elements on
>     consumer-facing blog sites (e.g. wordpress) have failed.
>
>
> Wordpress has failed, neither has Twitter, LinkedIn, Facebook, or any 
> of these other Web 2.0 oriented data spaces.
>
> Hopefully, I'll be showing off certificates that have ProxyURI based 
> WebIDs. Basically, a layer of abstraction atop our Web 2.0 drivers 
> that enables any relying agent built for WebID to leverage the 
> aforementioned data spaces as players in the IdP space.
>
>     I'll just give up on that tack, and assume sites like foaf.me will
>     mint and host the user's graphs.
>
>
> Hopefully you've digested my comments.
>
>     What webid needs is lots of relying party sites that consume the
>     webid claims, and guard access to the content using the semantic web.
>
>
> I think more about the WWW as a navigable Linked Data Space. Adding 
> semantics to its hyperlink based tapestry enables smart processing of 
> claims that form the basis of verifiable identity. Syntax and stack 
> wars are the only impediments to current visibility. The whole thing 
> is actual here right now !!
>
> Kingsley
>
>     ------------------------------------------------------------------------
>     From: home_pw@msn.com <mailto:home_pw@msn.com>
>     To: public-xg-webid@w3.org <mailto:public-xg-webid@w3.org>
>     Subject: henry and code
>     Date: Wed, 16 Nov 2011 17:14:18 -0800
>
>
>     Henry has (appropriately) challenged me to produce a
>     (modern) implementation of webid (by which he means an http
>     responder that pings the URL of an inbound TLS 1.0 client cert and
>     verifies if a graph exists at that URI, by considering the
>     relevant statements. In essense, the verifying routine performs a
>     sparql query having downloaded a graph from a file. Having done
>     so, it should mint a session using some platforms session
>     management infrasructure.
>
>     Im happy to do so, upgrading the code I distributed publicly for
>     webid a long time ago - still available publicly. As he says in
>     his private email, its time. The code I distributed a long time is
>     2 years out of date, and represented the dotNet 3.5 community
>     (furthermore), and its (then) luke walm adoption of RESTful
>     technologies. Things have changed a lot in the last 2 years in the
>     windows world; even in real estate I got to offer custom RSS feeds
>     for the first time (full of SSO URI that pass session between
>     sites, rather than blog content).
>
>     Shall we say 7 days from now? What I propose to do is take the
>     microsoft webmatrix download (which incidentally self-hosts
>     joomla, drupal and wordpress instances, whose (wordpress) SIOC
>     plugins Ive been exploiring all day) and modify the ASP.NET
>     application which Microsoft distributes as a model of how relying
>     parties site really ought to work with IDPs. Out of the box, it
>     comes with openid, and OAUTH protocol support (but not browserID);
>     being aimed at web masters (vs web developers). I propose I make
>     it also accept https with client certs, where the interceptor
>     validates the webid claims; minting a local session using webid as
>     an authentication mechanism, as an alternative to redirecting to
>     facebook, google, hotmail, etc.
>
>     It will be useful to see how Windows has evolved in the
>     RDF/semantic area, in those 2 years.
>
>
>
>
> -- 
>
> Regards,
>
> Kingsley Idehen	
> President&  CEO
> OpenLink Software
> Company Web:http://www.openlinksw.com
> Personal Weblog:http://www.openlinksw.com/blog/~kidehen  <http://www.openlinksw.com/blog/%7Ekidehen>
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile:https://plus.google.com/112399767740508618350/about
> LinkedIn Profile:http://www.linkedin.com/in/kidehen
>
>
>
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen








Received on Thursday, 17 November 2011 12:05:17 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 17 November 2011 12:05:18 GMT