RE: OAUTH setup for webid : getting an ODS client to "Connect" to my profilepage from Peter Williams on 2012-01-10 (public-xg-webid@w3.org from January 2012)

From: Peter Williams <home_pw@msn.com>
Date: Tue, 10 Jan 2012 10:30:39 -0800
To: <kidehen@openlinksw.com>, "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-ID: <SNT143-W36DB1E9451DD621AAD650092990@phx.gbl>

Its a matter of tone at this point.

Its obvious that semantic web can be a (huge) island in itself, doing a variant of X.500 authentication framework (updated for URIs). the closer to that stnadard it makes out (wth change of embodiment to URIs, RDF etc) the stronger postiion folks will be in a quite extensive array of patent foes, in the area of verifying public key sources.

Its clear that it can scale in ways the public directory did not (though was supposed to). yes, it will have to compete against the managed cloud (that already aggregates directory forests, even now). But, one can see the future. I can already seem how Microsoft cloud-based CRM + ODATA is evolving into linked data.

but, if semweb is to be inclusive (so all the other stuff just drops away) it should be making alliances.

this is why I suggested your site be minting a saml2 token (but not using the saml2 protocol) to get the token from the cloud that populates the REST-ful www-authorization - already used live in odata. This uses those damn'ed certs, WITH their SAN URI, drawing upon the webid profile. This is also the gateway which will soon deliver the signed-json version of the signed SWT, coming shortly. .... which means signed json-encoded triples. yes, this is just another link - off the link response headers...

I know of a certain software company that would be very interested in webid, if it were not such a "one off" - filled with angst about this and that, and everything else.

By working WITH other groups formats one will have faster and less difficult uptake. one doesnt have to fall into their religion (eg. internet2 and UK academida has strange religions around SAML2 that exludes openid, and hammar stack is clearly a religion in its own right...and not just a cult). One simply shows, much as I learnerd at 22, just do it all ways. Its really not that hard to convert bit formats, and that includes signed bit formats - once one has a framework anticipating such.

If there is one thing this group needs to do in its next incarnation is ... become handshake independent - so the websso handshake (with certs and SANs) also induces a webid validation agent to do its thing. Im going to go do that know, as a demo. And, maybe even the SSL one too if Azure cooperates.

Received on Tuesday, 10 January 2012 18:31:15 UTC