Subject Information Access Extension from Kingsley Idehen on 2012-01-09 (public-xg-webid@w3.org from January 2012)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 09 Jan 2012 12:23:08 -0500
To: WebID XG <public-xg-webid@w3.org>
Message-ID: <4F0B227C.4030302@openlinksw.com>

All,

Here is the address of a document that contains the spec for the item 
above: http://tools.ietf.org/html/draft-ietf-pkix-sca-00 .

The semantics are crystal clear.

As already stated, utilizing this extension adds benefits to WebID esp. 
re. consumer profile for publishers.

We are going to implement this functionality in both our generators and 
verifiers, irrespective.

Once in place, I'll let Peter demonstrate the power of SPARQL Protocol 
URL (with a construct query) as vehicle for more dynamic idp spaces that 
hold claims that mirror those held in a local x.509 cert.

In addition, he or I will pretty much do the same for Microformats.

Of course, none of this matches the WebID spec, so it may lead to a fork 
since I've always said the NetID moniker sits in waiting re. a really 
Open and Flexible approach to the problem at hand i.e., InterWeb scale 
verifiable identity via portable subject description graphs or info 
cards that are loosely bound to idp spaces.

The fidelity of Linked Data is but an option for achieving the 
aforementioned goal. An individual should never loose control of their 
info card just because they loose control over an HTTP scheme URI based 
Name. Likewise, control over an HTTP URI Name is not the critical proof 
of identity. Said proof lies in the signed claims in the certificate 
combined with mirrored claims in the subjects.

If you doubt the proof, the just move the argument to the practical 
realm of resource ACLs at InterWeb scale. A broken system will give 
individuals access to resources that violate the policies expressed in a 
given ACL that depends on the WebID verification protocol. No need for 
broken hypothetical examples about banks since we can test in a real 
setting via resource ACLs.


As demonstrated already by Facebook, you can publish resources on the 
Web that carry self reflection and in the process contribute to the 
broader mesh of Linked Data. 100% Linked Data fidelity can easily be 
picked up by proxy services, as we've demonstrated for many years since 
the original Linked Data meme and emergence of the burgeoning Linked 
Open Data cloud.

Either way, I am convinced about the value associated with reducing the 
Linked Data luxury element of WebID. And that's from someone who has 
been drinking and mixing the Linked Data Kool Aid, on a daily basis, for 
many years, across many technology frontiers.


-- 

Regards,

Kingsley Idehen	
Founder&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Monday, 9 January 2012 17:23:35 UTC