LDP with Access Control, or future LDPS(ecure)?

Dear all,

I would like to start by admitting that I might be asking a question that
has already been answered. I have tried looking for this topic on the
mailing list archive, but I was unable to find any relevant information.

I have recently begun implementing the current LDP spec, and I find myself
at the point where I need to add access control to LDP operations and
resources/containers. However, there is no mention in the current spec
draft about any kind of access control. While I understand why some of you
may be against discussing AC at this point, I can't stop asking myself why
there is no effort to add it by design, instead of as a future feature.

I know that mentioning access control at this point in the spec implies
opening Pandora's box with all its issues (not the least being the lack
of a proper definition for identity in general). I suppose my _personal_
point here is that access control should be a fundamental part of LDP,
unless LDP will only be used in the public domain.

I believe some (many?) of you are probably familiar with WebID. As an
active member of the WebID CG, I hope that we can find common ground
between LDP and WebID, leading to a proposal on how access control can be
achieved in LDP. The reason I mentioned WebID is that following recent
discussions at TPAC, we have come to agree on a WebID definition that
decouples the identity part from the authentication part, potentially
leading to WebID over (TLS, OpenID, BrowserID, etc.). By abstracting the
authentication part, LDP can instantly take advantage of WebID's _identity_
part.

I am sure that access control is far from being the main priority of the
LDP WG at this point, so I would like to propose that those of us
interested in access control could at least try to build a wiki page that
would serve as a basis for future work.

Please accept my apologies if this subject has been discussed already, as
well as for the length of this email. I have recently started getting
involved in LDP, and I haven't had the time to go over the minutes for all
the previous teleconfs, though I am catching up with the mailing list
discussions.

Best wishes,
Andrei Sambra (MyProfile)

Received on Monday, 12 November 2012 12:21:45 UTC