Re: Simple WebID, WebID+TLS Protocol, and ACL Dogfood Demo

Hi Kingsley,

 Thanks for the links. Trying out the first link (
http://youid.openlinksw.com/) now, some notes:

1. Certificate Name: maybe there could be some examples of ways to name
your certificate. I was speaking with Henry Story about this during the
OHM2013 conference, because at one time I had inadvertently 3 different
WebID certs in my browser, when I would visit a WebID enabled site, I'd
have no idea which one to choose, they were all the same "Nick Jennings
..." ... He suggested that I give them unique names like "Work" "Home"
"Junk" etc. so I know when to use them in which cases... but this isn't
very obvious to a new user.

In general, that brings up some thoughts for me, maybe here's the place to
share them. It would be cool in browsers could bake the idea of a WebID
into the persona/profile of the browser session. (ie. chromes profiles, and
firefox has a profile plugin). Just allowing (by default, i guess) one
WebID per persona. This way you are encouraged to manage different profiles
at the browser level, rather than juggling a bunch of certificates with
naming hacks to figure out which is which... ?


2. With firefox, after filling out the form, I get a download dialogue for
the cert instead of it installing into the browser. So I saved, then went
into preferences and "import" ... which was successful with "Successfully
restored your security certificate(s) and private key(s)". Previously, with
my-profile.eu, this was automatically installed into the browser (I was
using Chrome then). Though I guess it's better to have it export/save by
default so you can install the same cert on any number of browsers without
hassle. Still, it creates more steps and could be confusing for new users.


3. After importing the cert, when I go to rww.io, it asks me to select a
cert (which I do) but then when I view silverbucket.rww.io it still says in
the upper right "webid login"... I can't tell if I registered this spot and
it's working, or not. There's no real user feedback as to login state. Same
with taskify.org. I don't know if this is a site UI problem or a cert issue.

Would be cool to have login state also baked into the
browser/profile/webid. I imagine something like what chrome has, an avatar
in the upper-left which indicates who you "are" at the moment, with an
overlay (padlock?, green/red light?) icon of your login state for that
particular site.


I know most of my suggestions are for browser developers, I just wanted to
share my overall impression of WebID. I think it's a great idea, but it
still feels very intangible as a user.
-Nick










On Wed, Aug 7, 2013 at 6:54 PM, Kingsley Idehen <kidehen@openlinksw.com>wrote:

>  On 8/7/13 12:43 PM, Nick Jennings wrote:
>
>  It would help if there was some way one could reliably get and manage
> WebID. As it is right now, neither rww.io nor my-profile.eu (which are
> the only ones I know about) are functioning in terms of generating a WebID
> for the browser.
>
>
> Does this also apply to:
>
> 1. http://youid.openlinksw.com
> 2. http://id.myopenlink.net/certgen .
>
> Note, both of these provide the pkcs#12 option (as opposed to keygen) by
> default.
>
> In addition, if you already have a FOAF profile doc, use the second tab
> (we forgot to list FOAF where you see OpenID). Then follow the wizard to
> then end of the process which basically provides content for you to
> manually add to your FOAF profile. Of course, if you don't manage your own
> profile document, you take the defaults which leads to the profile document
> be hosted at id.myopenlink.net.
>
> As I type, I just realized we overlooked a key feature and that's setting
> an ACL on the profile document generated on id.myopenlink.net so that you
> control the ACLs going forward.
>
> Note to self (and rest of OpenLink Data Spaces team), that's a new feature
> zilla :-)
>
>
> Kingsley
>
>
>  I had some from my-profile.eu that were generated several months ago,
> but I removed them all during some tests and was unable to get a new one. I
> tried in both Firefox and Chrome. Anyone having trouble as well?
>
>
>
>
> On Tue, Aug 6, 2013 at 8:01 PM, Kingsley Idehen <kidehen@openlinksw.com>wrote:
>
>> All,
>>
>> Following the earlier posts about WebID (and by implication, WebID+TLS),
>> here is a very simple demonstration of how we can put this technology to
>> good use re., protected document authoring and editing.
>>
>> For this exercise I've performed the following steps:
>>
>> 1. Created a protected Turtle document at: <
>> http://kingsley.idehen.net/DAV/home/kidehen/Public/Linked%20Data%20Documents/WebID-ACL-Demos/simple-shared-turtle-doc.ttl
>> >
>>
>> 2. Used WebID (Agent entity type denotation), WebID+TLS (for agent
>> identity authentication), and an ACL (itself expressed in Turtle) to create
>> a data access policy that enables anyone read the document's content, but
>> only allowing those with verifiable WebIDs to perform read, write, and
>> delete operations.
>>
>> This entire exercise is driven by Linked Data.
>>
>> Let everyone know how you get on :-)
>>
>>
>> --
>>
>> Regards,
>>
>> Kingsley Idehen
>> Founder & CEO
>> OpenLink Software
>> Company Web: http://www.openlinksw.com
>> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
>> Twitter/Identi.ca handle: @kidehen
>> Google+ Profile: https://plus.google.com/112399767740508618350/about
>> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>>
>>
>>
>>
>>
>>
>
>
> --
>
> Regards,
>
> Kingsley Idehen 
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>
>
>
>