Re: Linked Data Platform Working Group Charter comment

Hi all,

On Jan 31, 2012, at 08:24, Michael Hausenblas wrote:
>> But rather than punt on
>> the issue completely, I would like to propose we define the minimal set of
>> requirements for auth/auth. From there, we can look at some of the
>> suggestions that have been raised on this list so far to see if they are
>> capable of satisfying these requirements.
> 
> +1

Agreed.  I would think that blessing existing auth/auth solutions or standards would be in scope, but creating new ones would be out of scope.  If the group finds that no existing solution meets its needs, then I suggest that the charter task the group with identifying the lacks.

Regards,
Dave


> 
> Cheers,
> 	Michael
> --
> Dr. Michael Hausenblas, Research Fellow
> LiDRC - Linked Data Research Centre
> DERI - Digital Enterprise Research Institute
> NUIG - National University of Ireland, Galway
> Ireland, Europe
> Tel. +353 91 495730
> http://linkeddata.deri.ie/
> http://sw-app.org/about.html
> 
> On 31 Jan 2012, at 13:21, <ryan.mcdonough@nokia.com> <ryan.mcdonough@nokia.com> wrote:
> 
>> I don't think we wanted to boil the ocean here. The point was that if
>> you're enabling read/write linked data on the web, or private network,
>> identity and security are obvious requirements in my view. As Ora pointed
>> out, these issues come up time and time again on the projects we've been
>> working internally.
>> 
>> At the very least, the LDP should offer some recommendations on how to do
>> it. And I agree with you, let's not solve everyone's problems and I'm not
>> suggesting the WG rolls our own solutions either. But rather than punt on
>> the issue completely, I would like to propose we define the minimal set of
>> requirements for auth/auth. From there, we can look at some of the
>> suggestions that have been raised on this list so far to see if they are
>> capable of satisfying these requirements.
>> 
>> Ryan-
>> 
>> 
>> -- 
>> Ryan J. McDonough
>> Architect
>> Location & Commerce
>> NOKIA INC.
>> 
>> 
>> 
>> 
>> 
>> 
>> On 1/31/12 6:59 AM, "ext Michael Hausenblas" <michael.hausenblas@deri.org>
>> wrote:
>> 
>>> 
>>> Ryan, All,
>>> 
>>> I guess we all agree that WebID and WebACL and the likes are necessary
>>> building blocks to achieve a true read/write enabled, enterprise-
>>> ready, industrial strength solution. However, for the sake of the
>>> success of this WG I also agree that we should not try to boil the
>>> ocean and hence: focus, focus, focus.
>>> 
>>> In this sense: -1 to incl. auth/auth topics ...
>>> 
>>> Cheers,
>>> 	Michael
>>> --
>>> Dr. Michael Hausenblas, Research Fellow
>>> LiDRC - Linked Data Research Centre
>>> DERI - Digital Enterprise Research Institute
>>> NUIG - National University of Ireland, Galway
>>> Ireland, Europe
>>> Tel. +353 91 495730
>>> http://linkeddata.deri.ie/
>>> http://sw-app.org/about.html
>>> 
>>> On 31 Jan 2012, at 11:56, <ryan.mcdonough@nokia.com> <ryan.mcdonough@nokia.com> wrote:
>>> 
>>>> Back to the original question as to whether access control is in
>>>> scope or
>>>> not, I agree with Ora that we should not punt on this issue.
>>>> However, I'm
>>>> not sure that we need to attempt to solve the problem this month ;)
>>>> Given all
>>>> of the ideas being offered, it would appear that Access control
>>>> mechanisms, WebACL, Web Identity might be in scope?
>>>> 
>>>> Ryan-
>>>> 
>>>> -- 
>>>> Ryan J. McDonough
>>>> Architect
>>>> Location & Commerce
>>>> NOKIA INC.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> From:  ext Martynas Jusevicius <martynas@graphity.org>
>>>> Date:  Wed, 18 Jan 2012 02:35:21 +0100
>>>> To:  Ora Lassila <ora.lassila@nokia.com>
>>>> Cc:  <ivan@w3.org>, <michael.hausenblas@deri.org>, <public-ldp@w3.org>
>>>> Subject:  Re: Linked Data Platform Working Group Charter comment
>>>> Resent-From:  <public-ldp@w3.org>
>>>> Resent-Date:  Wed, 18 Jan 2012 15:49:49 +0000
>>>> 
>>>> 
>>>> Hey all,
>>>> how about Basic Access Control ontology http://www.w3.org/ns/auth/acl ?
>>>> 
>>>> We're using it successfully in a Linked Data context  -- in
>>>> combination
>>>> with foaf:Person and sioc:UserAccount, to express a number of users
>>>> and
>>>> user groups and their access rights to resources and classes of
>>>> resources.
>>>> As a result, both authentication and authorization are a matter of a
>>>> single
>>>> SPARQL query.
>>>> 
>>>> It might be simplistic -- but it's a start?
>>>> 
>>>> Martynas
>>>> graphity.org <http://graphity.org>
>>>> 
>>>> On Tue, Jan 17, 2012 at 4:05 PM,  <Ora.Lassila@nokia.com> wrote:
>>>> 
>>>> Ivan,
>>>> 
>>>> Indeed. [Sigh] If I knew of an access control mechanism that is
>>>> mature and
>>>> proven in the Linked Data context I would have made a much stronger
>>>> statement in favor of addressing the issue. We do not want to engage
>>>> in
>>>> R&D work (we have made that mistake before ;-) but my great fear is
>>>> that
>>>> if we merely suggest that someone else will take care of this we may
>>>> be
>>>> signaling that this is not an issue of paramount importance.
>>>> 
>>>> I don't have any magical answers or advice here, I am merely
>>>> expressing
>>>> concern... I guess I would like there at least to be some discussion
>>>> about
>>>> this. Saying that there is no solution and saying that something is
>>>> out of
>>>> scope should, after all, not be the same thing.
>>>> 
>>>>      - Ora
>>>> 
>>>> 
>>>> On 2012-01-17 9:54 AM, "ext Ivan Herman" <ivan@w3.org> wrote:
>>>> 
>>>>> Ora,
>>>>> 
>>>>> I hear you. However (and that may show my complete ignorance...) is
>>>>> there
>>>>> any access control mechanism out there that has already proven
>>>>> itself in
>>>>> the area of Linked Data deployment that is in the maturity level of
>>>>> standardization? I am a bit concerned about chartering this group
>>>>> with an
>>>>> essentially R&D work while the other goals are much less so...
>>>>> 
>>>>> Ivan
>>>>> 
>>>>> On Jan 17, 2012, at 15:47 , <Ora.Lassila@nokia.com> wrote:
>>>>> 
>>>>>> As much as I would like to have a "tight scope" for this WG, I
>>>>>> have to
>>>>>> observe that access control (or more like lack thereof) has often
>>>>>> been a
>>>>>> problem in Semantic Web/Linked Data projects I have been involved
>>>>>> in.
>>>>>> Particularly fine-grained access control of Semantic Web data.
>>>>>> 
>>>>>> I fear that deeming access control strictly "out of scope" and
>>>>>> hoping
>>>>>> that
>>>>>> some (so far unspecified) liaison with other groups to solve this
>>>>>> problem
>>>>>> will only result in the issue not being seen as important enough.
>>>>>> 
>>>>>> My $0.02.
>>>>>> 
>>>>>>   - Ora
>>>>>> 
>>>>>> --
>>>>>> Dr. Ora Lassila  ora.lassila@nokia.com  http://www.lassila.org
>>>>>> Principal Technologist, Nokia
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On 2012-01-17 6:25 AM, "ext Michael Hausenblas"
>>>>>> <michael.hausenblas@deri.org> wrote:
>>>>>> 
>>>>>>> 
>>>>>>> All,
>>>>>>> 
>>>>>>> I'd suggest to improve the following section and be more explicit
>>>>>>> regarding the bigger picture [1]:
>>>>>>> 
>>>>>>> [[
>>>>>>> 2.3 Out of Scope
>>>>>>> Several possible standards that are out of scope for this group,
>>>>>>> such
>>>>>>> as those listed below:
>>>>>>> 
>>>>>>>  • Access control mechanisms, WebACL, Web Identity
>>>>>>> ]]
>>>>>>> 
>>>>>>> Mention that both authentication and authorisation are orthogonal
>>>>>>> issues and hence, in order to stay focused and to be successful,
>>>>>>> the
>>>>>>> WG will not focus on these issues (but liaise with the respective
>>>>>>> groups to ensure compatibility and openness).
>>>>>>> 
>>>>>>> Thoughts?
>>>>>>> 
>>>>>>> Cheers,
>>>>>>>  Michael
>>>>>>> 
>>>>>>> [1] http://www.w3.org/wiki/WriteWebOfData
>>>>>>> --
>>>>>>> Dr. Michael Hausenblas, Research Fellow
>>>>>>> LiDRC - Linked Data Research Centre
>>>>>>> DERI - Digital Enterprise Research Institute
>>>>>>> NUIG - National University of Ireland, Galway
>>>>>>> Ireland, Europe
>>>>>>> Tel. +353 91 495730
>>>>>>> http://linkeddata.deri.ie/
>>>>>>> http://sw-app.org/about.html
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>> 
>>>>> 
>>>>> ----
>>>>> Ivan Herman, W3C Semantic Web Activity Lead
>>>>> Home: http://www.w3.org/People/Ivan/
>>>>> mobile: +31-641044153
>>>>> FOAF: http://www.ivan-herman.net/foaf.rdf
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>> 
>>> 
>> 
> 
> 

Received on Tuesday, 31 January 2012 14:34:13 UTC
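
Martynas Jusevicius's quoted message describes deciding access with a single SPARQL query over acl:, foaf:Person and sioc:UserAccount data. The following is an added example, not from the thread or from Graphity, of an authorization check in that style; the ex: namespace, the sample triples, and the use of sioc:account_of and rdf:type for group membership are assumptions, and the account is taken to be already authenticated.

```sparql
# Added example. The modelling is an assumption, not the schema Graphity used.
# Constructed sample data the query would run over (Turtle, same prefixes):
#
#   ex:alice a foaf:Person, ex:Editor .
#   ex:aliceAccount a sioc:UserAccount ; sioc:account_of ex:alice .
#   ex:draft7 a ex:Draft .
#   ex:authz1 a acl:Authorization ;
#       acl:agent ex:alice ; acl:accessTo ex:report1 ; acl:mode acl:Read .
#   ex:authz2 a acl:Authorization ;
#       acl:agentClass ex:Editor ; acl:accessToClass ex:Draft ; acl:mode acl:Write .

PREFIX acl:  <http://www.w3.org/ns/auth/acl#>
PREFIX foaf: <http://xmlns.com/foaf/0.1/>
PREFIX sioc: <http://rdfs.org/sioc/ns#>
PREFIX ex:   <http://example.org/>

# Question asked: may the person behind ?account use ?mode on ?resource?
ASK {
  # Request parameters (constructed values for illustration).
  VALUES (?account ?resource ?mode) { (ex:aliceAccount ex:draft7 acl:Write) }

  # Resolve the account to the person it belongs to.
  ?account a sioc:UserAccount ;
           sioc:account_of ?person .
  ?person a foaf:Person .

  # Some authorization must grant exactly the requested mode.
  ?authz a acl:Authorization ;
         acl:mode ?mode .

  # Who: granted to the person directly, or to a class of agents they belong to.
  {
    ?authz acl:agent ?person .
  } UNION {
    ?authz acl:agentClass ?agentClass .
    ?person a ?agentClass .
  }

  # What: granted on the resource itself, or on a class it is an instance of.
  {
    ?authz acl:accessTo ?resource .
  } UNION {
    ?authz acl:accessToClass ?resourceClass .
    ?resource a ?resourceClass .
  }
}
```

Because ASK is true only when a matching acl:Authorization exists, a missing grant is a denial. Supply the three VALUES terms as bound IRIs taken from the session rather than by string concatenation.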