Re: Web Identity 1.0 -- Draft Spec

On 1/9/14 10:21 AM, Timothy Holborn wrote:
> I think I've used, built every known webid enabled service / system / 
> platform out there, i'll make a list at some stage: from a user 
> perspective, it's very confusing...

Again, WebID is a colloquialism (so to speak) for an HTTP URI that 
denotes an Agent i.e., an Entity that's of type foaf:Agent. That's it.

You are using a WebID whenever you de-reference (lookup) the description 
of what an HTTP URI denotes, where the referent of said URI is a person, 
organization, software, robot, or anything else capable of mechanized 
operations.

>
> I honestly do not think it describes a human well, or acknowledge a 
> specific human on a keyboard.

A WebID doesn't describe a human. It denotes a human. Basically, in 
regards to Linked Data, an HTTP URI (e.g., a WebID) functions like a 
"Term" in that it resolves to a description of what it denotes i.e., its 
referent [1].
>  It's a necessarily element, like a bank-card to an account holder - 
> but the card or the account, is not the person and the account / card 
> can be labelled as to describe a relation, rather than the person: 
> therein, agent.

A bank card (or any other identity card) is like a profile document 
comprised of identity oriented claims that are verifiable by the card's 
issuer. Hence my reference to "Identity Card" which is what a WebID 
resolve to etc..

An Identity Card is comprised of a collection of statements about a 
Subject. The Subject in question still needs to be denoted by an 
identifier, so you end up with two distinct things:

1. Identifier that denotes the description subject -- entity of type 
foaf:Agent
2. Identifier that denotes the description document -- entity of type 
foaf:Document .

>
> Webid to users means login with a certificate.

Yes, I will concede that the misconception in question is real. Its the 
by product of an initial narrative that overreached  :-(

>  I've now got so many certificates, and I think I've even lost some - 
> don't even remember the services I lost them from; and let's not get 
> into early bitcoin mining testing; anyhow, it probably should mean, I 
> have authorised devices, accounts, relationships, agreements: that can 
> do predefined tasks without my direct intervention (unless I've set 
> out a flag, or whatever).

Having many identifiers and identity cards is a good thing. Entropy is 
ultimately how we are going to get out of the current privacy mess 
created by Web 2.0 patterns and solutions.

>
> So, I recon the identity chain isn't finished yet, unless everything 
> is public except for what programmers develop and manage specifically, 
> which isn't the mission...

The identity chain cannot be a static thing. The conceptual dependency 
graph is already in place due to the existence of relevant open 
standards, covering all the key impact areas.

Our biggest challenge boils down to getting out of the habit of creating 
new standards afresh, from limited industry knowledge and experience, as 
a gut reaction to emergent problems.

>
> Leaky abstraction threatening standards interoperability (not many 
> webid users out there ATM) vs. one ring to rule them all - there's a 
> few other options...

No, the is but one option: use existing open standards (where such 
exist) to solve current and future problems. This is what the 
architecture of the World Wide Web has put on a platter for years, but 
there remains a tendency to not thoroughly understand the dexterity 
inherent in this utterly wonderful piece of work!

>
> In theory, every user becomes an identity provider to some level: even 
> if it's simply acknowledging they own a computer and an account where 
> they provide access to resources to others.

Every user has to be their own identity provider. It shouldn't require 
ownership of a domain. It should simply boil town to verifiable identity 
card ownership and authorship.

>
> At the moment, identity providers are centralised.  So I think it's 
> functionally quite different.

See my comments above. I have zero interest in centralized solutions 
because they are all inherently flawed, especially in the context of the 
World Wide Web.

>
> Just ideas, I'll keep thinking.
>
> Notes below.
>
> Sent from my iPad
>
> On 10 Jan 2014, at 1:04 am, Kingsley Idehen <kidehen@openlinksw.com 
> <mailto:kidehen@openlinksw.com>> wrote:
>
>> On 1/8/14 10:27 PM, Timothy Holborn wrote:
>>> re: G+[1] i agree with Kingsley almost; and the underlying 
>>> differentiation, is in seeking to define 'persona' as a separate 
>>> 'identity' for the purpose of identity management.
>>>
>>> Some ideas (sorry for the length; ideas are still draft).
>>>
>>> *WEBID*
>>> There's a couple of different sorts of 'things' that interact. 
>>>  WebID seems to make the most sense for 'things that speak internet' 
>>> (and knows what to do with a cert).
>>> WebID [2] seems to provide a method to deploy x509 with RDF, which 
>>> is beneficial for IoT / WoT; therefore reinforcing identity / 
>>> privacy methods, especially when applied to an RWW Account (LDP / 
>>> RDF + storage + base services
>>
>> Not really. A WebID is a term that refers to the use of HTTP URIs for 
>> denoting (naming or "referring to") agents (entities such as people, 
>> organizations, sofware, robots, and anything else capable of 
>> mechanized operation). Its sole purpose is entity denotation, that's it.
>>
> http://www.w3.org/wiki/WebID Or updated version 
> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index.html
>
>> Unfortunately, during the early days of WebID, it got conflated with  
>> Discovery and Authentication, as reflected in your characterization 
>> above re. X.509  and RDF.
>>
>> In recent times the following have been established to be distinct:
>>
>> 1. WebID
>
> So, foaf?  What's different here from foaf.

See my earlier comments about what a WebID is about.

Links:

[1] http://bit.ly/15tk1Au -- HTTP URI based denotation illustrated .


-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Thursday, 9 January 2014 20:50:28 UTC