- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Mon, 12 Jul 2010 10:29:16 -0400
- To: Reto Bachmann-Gmür <me@farewellutopia.com>
- CC: Manu Sporny <msporny@digitalbazaar.com>, foaf-protocols@lists.foaf-project.org, RDFa WG <public-rdfa-wg@w3.org>
Reto Bachmann-Gmür wrote: > Hi > > Some opinions a first look: > > - I'm against requiring RDFA as this means I cannot expose my triple > store as a collection of Web-Ids without adding some templates. RDFa shouldn't be mandatory or given higher status to other data representation formats associated with RDF (the Data Model). I believe Manu is fixing / fixed this. > If we > really think a format mus be guaranteed the I think it should be > RDF/XML. > No! Data Representations shouldn't become a battle ground. Please remember the very essence of Web Architecture: Data Representation formats are Negotiable. Give examples using appropriate formats when seeking optimal communication vehicle for a give audience etc.. RDFa for HTML audience and one of the other RDF model associated formats when dealing with LOD and Semantic Web Core types. > - I disagree with 2.2.4, especially if the PPD is delivered oven an > insecure connection the server might have better ways to verify that > the claimed identity matches the keypair used by the request of the > client > - Webid/OpenId: it should be noted that the WebId identifies the > agent, while the OpenId identifies (an htmlt representation of the) > PPD (as Toby noted the two URIs are typically related) > OpenID aligns to the Profile Doc i.e. they can have the same URL as I've demonstrated repeatedly. Kingsley > Cheers, > reto > > On Mon, Jul 12, 2010 at 10:44 AM, Toby Inkster <tai@g5n.co.uk> wrote: > >> On Sun, 11 Jul 2010 17:28:51 -0400 >> Manu Sporny <msporny@digitalbazaar.com> wrote: >> >> >>> Here's the link to the e-mail announcement on payswarm-dev: >>> >>> http://payswarm.com/pipermail/payswarm-dev/2010-July/000035.html >>> >> This seems like a good start. However, the SPARQL query shown uses the >> deprecated form for marking up keys: >> >> PREFIX cert: <http://www.w3.org/ns/auth/cert#> >> PREFIX rsa: <http://www.w3.org/ns/auth/rsa#> >> SELECT ?modulus ?exp >> WHERE { >> ?key cert:identity <http://example.org/webid#public>; >> a rsa:RSAPublicKey; >> rsa:modulus [ cert:hex ?modulus; ]; >> rsa:public_exponent [ cert:decimal ?exp ] . >> } >> >> The newer form uses datatypes instead of the cert:hex and cert:decimal >> properties: >> >> PREFIX cert: <http://www.w3.org/ns/auth/cert#> >> PREFIX rsa: <http://www.w3.org/ns/auth/rsa#> >> SELECT ?modulus ?exp >> WHERE { >> ?key cert:identity <http://example.org/webid#public>; >> a rsa:RSAPublicKey; >> rsa:modulus ?modulus; >> rsa:public_exponent ?exp . >> } >> >> It's possible to support both in the same SPARQL query: >> >> PREFIX cert: <http://www.w3.org/ns/auth/cert#> >> PREFIX rsa: <http://www.w3.org/ns/auth/rsa#> >> SELECT ?modulus ?exp ?modulus2 ?exp2 >> WHERE { >> ?key cert:identity <http://example.org/webid#public>; >> a rsa:RSAPublicKey; >> rsa:modulus ?modulus; >> rsa:public_exponent ?exp . >> OPTIONAL { ?modulus cert:hex ?modulus2 . } >> OPTIONAL { ?exp cert:decimal ?exp2 . } >> } >> >> Using ?modulus2 and ?exp2 if they are bound; ?modulus and ?exp >> otherwise. >> >> A few other thoughts... >> >> The definition of "WebID URL" is: >> >> | A URL specified in the Subject Alternative Name field >> | of the Identification Certificate that identifies a >> | WebID Profile document. >> >> Actually, the WebID URL identifies an Agent, typically a Person. The >> URL will normally contain a fragment identifier though, and by removing >> the fragment, you get the URL for a WebID Profile document; or if it >> does not contain a fragment identifier, it should perform a 303 >> redirect to the WebID Profile document. >> >> There should probably be a definition for "WebID Holder" or something >> similar. And we should note that the WebID Profile may provide a >> description of the WebID Holder, typically using FOAF. >> >> I'd also like for RDF/XML to be another format that implementations are >> *required* to support. RDF/XML and XHTML+RDFa are the two RDF >> serialisations at W3C Rec status, so it seems sensible to grant them >> both equal status in the WebID spec. (Of course, there's growing >> interest within the W3C in standardising both Turtle and a JSON >> serialisation of RDF. I don't know how many serialisations it makes >> sense to require.) >> >> I think section 2.3.5 should be dropped. Once the identity of the agent >> has been established, it's up to the server what to do with that >> information. We should draw a line between authentication and >> authorisation. Apache does this and it works very well: you can swap >> authn and authz modules in and out independently of each other. >> >> Lastly, it would be nice to keep the foaf-protocols mailing list copied >> into this thread, as it's the main place where FOAF+SSL is discussed. >> >> -- >> Toby A Inkster >> <mailto:mail@tobyinkster.co.uk> >> <http://tobyinkster.co.uk> >> _______________________________________________ >> foaf-protocols mailing list >> foaf-protocols@lists.foaf-project.org >> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols >> >> > _______________________________________________ > foaf-protocols mailing list > foaf-protocols@lists.foaf-project.org > http://lists.foaf-project.org/mailman/listinfo/foaf-protocols > > -- Regards, Kingsley Idehen President & CEO OpenLink Software Web: http://www.openlinksw.com Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca: kidehen
Received on Monday, 12 July 2010 14:29:49 UTC