W3C home > Mailing lists > Public > public-xg-webid@w3.org > November 2011

Re: LinkedIn, Twitter, Facebook etc.. as WebID IdPs

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 18 Nov 2011 18:42:48 -0500
Message-ID: <4EC6ED78.2060100@openlinksw.com>
To: public-xg-webid@w3.org
On 11/18/11 5:52 PM, Peter Williams wrote:
> Ok do you are enabling the oauth consumer Site to obtain the client api credentials accessing  the users store in facebookland, and then said "plugin" to Facebook adds some value. This is accomplished by minting a cert with the uri of the Facebook users data space as webid. Finally, using its write privilege on the remote store, the cert is written to the Facebook-graph by the plugin trusted by the user for such function, assuming one trust Facebook.
>
> Webid-like validation agent interact with Facebook idp subsequently, enabling a user to induce said site to get read privs on the users graph, via the api. Using the API, said sites determines if the client cert from https is present in the users Facebook graph, identified by webid in the https client cert.
>
> It's a webid. It's not webid protocol. It's what I'd expect webid research models for ideal protocols to evolve into, during Productization. It's a variation of what I proposed once - just see if the cert blob is present at the uri. It's a nicer variant as the oAuth process enables consent. And audience controls.

Yes, in a nutshell. This is how it was until today. We've now added a 
Linked Data proxy/wrapper URI that abstracts the Facebook, Twitter, 
LinkedIn, AtomPub API access so that others don't have to make this a 
mandatory part of their WebID client implementations.

Using fingerprints enables use leverage the tiny space offered by a Tweet.
>
> Presumably, the data store can store blobs too, iincluding rdf/XML blobs.

Yes.

>
> It reminds md of the original xri vision, and it's data service (storing 4tuple graphs, with arcs bring xri structured names). Much simpler (and real, of course).
>
> Works with actual web.

Yep!  The "actual Web" is the key. We have to build on that in non 
disruptive fashion in order to take WebID viral.

Remember, I said, this implementation was inspired by your comments way 
back :-)

Kingsley
>
> Sent from my iPhone
>
> On Nov 18, 2011, at 1:30 PM, "Kingsley Idehen"<kidehen@openlinksw.com>  wrote:
>
>> All,
>>
>> A quick FYI. We now have proxy/wrapper Linked Data URIs in SANs re. x.509 certificates produced by our HTML based certificate generator [1]. Thus, if you follow the directions from my earlier post [2], you now have an option (via the Wizard UI) for using proxy/wrapper URIs as WebID watermarks in x.509 certificates.
>>
>> The proxy/wrapper URIs we generate basically work with existing WebID clients (from others) without modification. We've used proxy/wrapper URIs as a layer of abstraction that shields others from the complexity of implementing data access drivers for Web 2.0 APIs.
>>
>> Links:
>>
>> 1. http://id.myopenlink.net/certgen -- first cut (beautification to come) HTML based certificate generator which as has native Windows and iOS5 counterparts nearing completion
>>
>> 2. http://goo.gl/AcYWQ -- original post about leveraging Facebook as a WebID compliant IdP (follow the steps here, but choose *proxy URI* option )
>>
>> 3. http://id.myopenlink.net/ods/webid_demo.html -- simple WebID verification service
>>
>> 4. http://id.myopenlink.net/about/id/entity/http/www.linkedin.com/in/kidehen#this -- proxy/wrapper Linked Data URI example (note the footer section re. supported formats which you can negotiate via HTTP or discover via "Link:" response headers or<link/>  entries in<head/>  in HTML)
>>
>> 5. http://goo.gl/krOAV -- alternative HTML view (useful for deeper follow-your-nose navigation)
>>
>> 6. http://id.myopenlink.net/describe/?url=http%3A%2F%2Fwww.openlinksw.com%2Fschemas%2Fcert%23Certificate -- shows how we've extended the WOT ontology in our own data space (follow-your-nose to see unobtrusive nature of this approach) .
>>
>> -- 
>>
>> Regards,
>>
>> Kingsley Idehen
>> President&   CEO
>> OpenLink Software
>> Company Web: http://www.openlinksw.com
>> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
>> Twitter/Identi.ca handle: @kidehen
>> Google+ Profile: https://plus.google.com/112399767740508618350/about
>> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>>
>>
>>
>>
>>
>>
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen








Received on Friday, 18 November 2011 23:43:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 18 November 2011 23:43:24 GMT