- From: Olivier Berger <olivier.berger@it-sudparis.eu>
- Date: Fri, 13 Jul 2012 16:46:00 +0200
- To: Henry Story <henry.story@bblfish.net>, Sebastian Tramp <tramp@informatik.uni-leipzig.de>
- Cc: Andrei Sambra <andrei@fcns.eu>, public-webid <public-webid@w3.org>, Read-Write-Web <public-rww@w3.org>
Hi. About the naming scheme for all these delegated cases, and this time refering to the discussions about secretaries / agents acting on behalf of users (and not about the simple delegated authentication I've just posted about in another thread), may it make sense to call that "delegated authorization" for the more general acceptions ? Also, I didn't see OAuth [0] mentioned so much in what I've read so far. Still I very much think OAuth has indeed been built to allow (web) apps to act on other services on behalf of users, once they have delegated them some sort of a token to act on their behalf in the background. Again, can we same much of the low-level implementation details (like signature or REST invocations between various agents) from OAuth ? So maybe my WebID can describe the kind of delegation of authorizations I grant to particular services/agents/secretaries (identified by their own RDF description) in a standard and interoperable way (RDF ACL kinds), instead of just creating various ad-hoc OAuth tokens in the different databases of the different apps where I want these agent to act on my behalf, but then all the communication between the agents and the apps would occur over OAuth signed invocations : no need to reinvent the already specified protocol ? Does this make sense ? Hope this helps. Best regards, [0] http://tools.ietf.org/html/rfc5849 Henry Story <henry.story@bblfish.net> writes: > On 23 Jun 2012, at 17:11, Sebastian Tramp wrote: > >> On Sat, Jun 23, 2012 at 11:54:59AM +0200, Andrei Sambra wrote: >> >> Hi all, >> >> since we discussed this problem e.g. at the FSW in Berlin and on other places, >> I had some material about webid delegation already finished. >> >> I've created a wiki page here: >> http://www.w3.org/wiki/WebID/Delegation > > Great work! Thanks. > >> I've added an extended sequence image and some structure and hope we can take >> this as a base for future discussion. Also note that we have this implemented >> since 3 years in OntoWiki (to allow inter-OntoWiki communication) but with >> other namings. Currently, Phil is reworking this part so that others (e.g. >> Andrei) can use that too (the link is added to the page too) > > Great. yes, we should try to come to agree on some naming scheme. > I hope to be able to implement this soonish. The read-write-web rewrite > in Play 2.0 is moving ahead.... Then we can test and write it out nicely. > But don't let my slowness slow you down :-) > -- Olivier BERGER http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8 Ingenieur Recherche - Dept INF Institut Mines-Telecom, Telecom SudParis, Evry (France)
Received on Friday, 13 July 2012 14:46:28 UTC