- From: <Ora.Lassila@nokia.com>
- Date: Tue, 31 Jan 2012 13:43:09 +0000
- To: <michael.hausenblas@deri.org>, <ryan.mcdonough@nokia.com>
- CC: <martynas@graphity.org>, <ivan@w3.org>, <public-ldp@w3.org>
I agree with Ryan as well. This is an important topic and must be addressed somehow so that we can move towards interoperable solutions. - Ora On 2012-01-31 8:24 AM, "ext Michael Hausenblas" <michael.hausenblas@deri.org> wrote: > > >> But rather than punt on >> the issue completely, I would like propose we define the minimal set >> of >> requirements for auth/auth. From there, we can look at some of the >> suggestions that have been raised on this list so far to see if they >> are >> capable of satisfying these requirements. > >+1 > >Cheers, > Michael >-- >Dr. Michael Hausenblas, Research Fellow >LiDRC - Linked Data Research Centre >DERI - Digital Enterprise Research Institute >NUIG - National University of Ireland, Galway >Ireland, Europe >Tel. +353 91 495730 >http://linkeddata.deri.ie/ >http://sw-app.org/about.html > >On 31 Jan 2012, at 13:21, <ryan.mcdonough@nokia.com> ><ryan.mcdonough@nokia.com > > wrote: > >> I don't think we wanted to boil the ocean here. The point was that if >> you're enabling read/write linked data on the web, or private network, >> identity and security are obvious requirements in my view. As Ora >> pointed >> out, these issues come up time and time again on the projects we've >> been >> working internally. >> >> At the very least, the LDP should offer some recommendations on how >> to do >> it. And I agree with you, let's not solve everyone's problems and >> I'm not >> suggesting the WG rolls our own solutions either. But rather than >> punt on >> the issue completely, I would like propose we define the minimal set >> of >> requirements for auth/auth. From there, we can look at some of the >> suggestions that have been raised on this list so far to see if they >> are >> capable of satisfying these requirements. >> >> Ryan- >> >> >> -- >> Ryan J. McDonough >> Architect >> Location & Commerce >> NOKIA INC. >> >> >> >> >> >> >> On 1/31/12 6:59 AM, "ext Michael Hausenblas" >><michael.hausenblas@deri.org >> > >> wrote: >> >>> >>> Ryan, All, >>> >>> I guess we all agree that WebID and WebACL and the likes are >>> necessary >>> building blocks to achieve a true read/write enabled, enterprise- >>> ready, industrial strength solution. However, for the sake of the >>> success of this WG I also agree that we should not try to boil the >>> ocean and hence: focus, focus, focus. >>> >>> In this sense: -1 to incl. auth/auth topics ... >>> >>> Cheers, >>> Michael >>> -- >>> Dr. Michael Hausenblas, Research Fellow >>> LiDRC - Linked Data Research Centre >>> DERI - Digital Enterprise Research Institute >>> NUIG - National University of Ireland, Galway >>> Ireland, Europe >>> Tel. +353 91 495730 >>> http://linkeddata.deri.ie/ >>> http://sw-app.org/about.html >>> >>> On 31 Jan 2012, at 11:56, <ryan.mcdonough@nokia.com> >>> <ryan.mcdonough@nokia.com >>>> wrote: >>> >>>> Back to the original question as to whether access control is in >>>> scope or >>>> not, I agree with Ora that we should not punt on this issue. >>>> However, I'm >>>> not sure that we need to attempt solve the problem this month ;) >>>> Given all >>>> of the ideas being offered, it would appear that Access control >>>> mechanisms, WebACL, Web Identity might be in scope? >>>> >>>> Ryan- >>>> >>>> -- >>>> Ryan J. McDonough >>>> Architect >>>> Location & Commerce >>>> NOKIA INC. >>>> >>>> >>>> >>>> >>>> >>>> >>>> From: ext Martynas Jusevicius <martynas@graphity.org> >>>> Date: Wed, 18 Jan 2012 02:35:21 +0100 >>>> To: Ora Lassila <ora.lassila@nokia.com> >>>> Cc: <ivan@w3.org>, <michael.hausenblas@deri.org>, <public-ldp@w3.org >>>> > >>>> Subject: Re: Linked Data Platform Working Group Charter comment >>>> Resent-From: <public-ldp@w3.org> >>>> Resent-Date: Wed, 18 Jan 2012 15:49:49 +0000 >>>> >>>> >>>> Hey all, >>>> how about Basic Access Control ontology http://www.w3.org/ns/auth/ >>>> acl ? >>>> >>>> We're using it successfully in a Linked Data context -- in >>>> combination >>>> with foaf:Person and sioc:UserAccount, to express a number of users >>>> and >>>> user groups and their access rights to resources and classes of >>>> resources. >>>> As a result, both authentication and authorization is a matter of a >>>> single >>>> SPARQL query. >>>> >>>> It might be simplistic -- but it's a start? >>>> >>>> Martynas >>>> graphity.org <http://graphity.org> >>>> >>>> On Tue, Jan 17, 2012 at 4:05 PM, <Ora.Lassila@nokia.com> wrote: >>>> >>>> Ivan, >>>> >>>> Indeed. [Sigh] If I knew of an access control mechanism that is >>>> mature and >>>> proven in the Linked Data context I would have made a much stronger >>>> statement in favor of addressing the issue. We do not want to engage >>>> in >>>> R&D work (we have made that mistake before ;-) but my great fear is >>>> that >>>> if we merely suggest that someone else will take care of this we may >>>> be >>>> signaling that this is not an issue of paramount importance. >>>> >>>> I don't have any magical answers or advice here, I am merely >>>> expressing >>>> concern... I guess I would like there at least to be some discussion >>>> about >>>> this. Saying that there is no solution and saying that something is >>>> out of >>>> scope should, after all, not be the same thing. >>>> >>>> - Ora >>>> >>>> >>>> On 2012-01-17 9:54 AM, "ext Ivan Herman" <ivan@w3.org> wrote: >>>> >>>>> Ora, >>>>> >>>>> I hear you. However (and that may show my complete ignorance...) is >>>>> there >>>>> any access control mechanism out there that has already proven >>>>> itself in >>>>> the area of Linked Data deployment that is in the maturity level of >>>>> standardization? I am a bit concerned about chartering this group >>>>> with an >>>>> essentially R&D work while the other goals are much less so... >>>>> >>>>> Ivan >>>>> >>>>> On Jan 17, 2012, at 15:47 , <Ora.Lassila@nokia.com> wrote: >>>>> >>>>>> As much as I would like to have a "tight scope" for this WG, I >>>>>> have to >>>>>> observe that access control (or more like lack thereof) has often >>>>>> been a >>>>>> problem in Semantic Web/Linked Data projects I have been involved >>>>>> in. >>>>>> Particularly fine-grained access control of Semantic Web data. >>>>>> >>>>>> I fear that deeming access control strictly "out of scope" and >>>>>> hoping >>>>>> that >>>>>> some (so far unspecified) liaison with other groups to solve this >>>>>> problem >>>>>> will only result in the issue not being seen as important enough. >>>>>> >>>>>> My $0.02. >>>>>> >>>>>> - Ora >>>>>> >>>>>> -- >>>>>> Dr. Ora Lassila ora.lassila@nokia.com http://www.lassila.org >>>>>> Principal Technologist, Nokia >>>>>> >>>>>> >>>>>> >>>>>> On 2012-01-17 6:25 AM, "ext Michael Hausenblas" >>>>>> <michael.hausenblas@deri.org> wrote: >>>>>> >>>>>>> >>>>>>> All, >>>>>>> >>>>>>> I'd suggest to improve the following section and be more explicit >>>>>>> regarding the bigger picture [1]: >>>>>>> >>>>>>> [[ >>>>>>> 2.3 Out of Scope >>>>>>> Several possible standards that are out of scope for this group, >>>>>>> such >>>>>>> as those listed below: >>>>>>> >>>>>>> € Access control mechanisms, WebACL, Web Identity >>>>>>> ]] >>>>>>> >>>>>>> Mention that both authentication and authorisation are orthogonal >>>>>>> issues and hence, in order to stay focused and to be successful, >>>>>>> the >>>>>>> WG will not focus on these issues (but liaison with the >>>>>>> respective >>>>>>> groups to ensure compatibility and openness). >>>>>>> >>>>>>> Thoughts? >>>>>>> >>>>>>> Cheers, >>>>>>> Michael >>>>>>> >>>>>>> [1] http://www.w3.org/wiki/WriteWebOfData >>>>>>> -- >>>>>>> Dr. Michael Hausenblas, Research Fellow >>>>>>> LiDRC - Linked Data Research Centre >>>>>>> DERI - Digital Enterprise Research Institute >>>>>>> NUIG - National University of Ireland, Galway >>>>>>> Ireland, Europe >>>>>>> Tel. +353 91 495730 <tel:%2B353%2091%20495730> >>>>>>> http://linkeddata.deri.ie/ >>>>>>> http://sw-app.org/about.html >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> ---- >>>>> Ivan Herman, W3C Semantic Web Activity Lead >>>>> Home: http://www.w3.org/People/Ivan/ >>>>> mobile: +31-641044153 <tel:%2B31-641044153> >>>>> FOAF: http://www.ivan-herman.net/foaf.rdf >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >> >
Received on Tuesday, 31 January 2012 13:43:42 UTC