Re: Towards Solid Lite from Melvin Carvalho on 2023-11-02 (public-solid@w3.org from November 2023)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 2 Nov 2023 14:31:42 +0100
To: David Mason <vid_w3c@zooid.org>
Cc: public-solid <public-solid@w3.org>
Message-ID: <CAKaEYhKjT+AxB-G9NG_4sJKcV2CgmLtYDVt4drmoE2=60Jk=DA@mail.gmail.com>

čt 2. 11. 2023 v 14:25 odesílatel David Mason <vid_w3c@zooid.org> napsal:

>
> Hi,
>
> On Thu, Nov 02, 2023 at 12:00:13PM +0100, Melvin Carvalho wrote:
> >    Have a look at this, I have completed draft 0.0.1.** I will work on a
> >    javascript server now.
> >    [3]https://solid-lite.org/
> >    A typescript implementation would be welcome!
> >    Perhaps different node servers would help with diversity, if so.
> >    The MUSTs are very light, and everything else will go in
> extensions.** So
> >    the code might take no more than 500 lines total.** Wouldnt that be
> nice!
> >    **
>
> To start, a serious round of applause for condensing a lot into a very
> coherent
> document. And a 500 line implementation would be a fantastic contribution,
> I
> assume that relies on key libraries?
>
> I'd be happy to start work on a test feature driven Typescript version of
> this.
> I have just one hesitation, WebID. I don't think it's widely used and as-is
> maybe not appropriate to a contemporary solution, though I understand its
> emphasis on linked data. Could you help me see the light how it would
> easily
> (without endless exceptions) fit into a world of OIDC, fediverse,
> decentralization, etc?  Is there a particular battle tested, well defined
> library you'd suggest I look at that can bridge relevant worlds? rdflib and
> jsonwebtoken are way too low level to provide a good path. To avoid
> misguided
> or dangerous invention, I would need something that provides high level
> handles
> into determined flows. It really is its own project, so I hope it already
> exists, or maybe I could lift that from the Javascript implementation, add
> types at the edges.
>

WebID is a simple starting point.  The auth system should be modular.  I
was thinking of basically something like

https://www.passportjs.org/

Which has 500+ strategies.  We could have all those strategies as
extensions.

Pick which one you want there.


>
> I'd be particularly interested in solutions where the individual has full
> control over their identity (and options for portable data backup). Turmoil
> over a domain shouldn't be a traumatic event. Maybe Decentralized
> Identifers
> to punt between a web domain and other choices? I guess this is what
> Bluesky is
> doing. Though I don't know where DIDs are at, aside from niches, with a
> lot of
> aversion to the blockchain adjacency (which I share; though digital wallets
> are interesting). One of my main interests here is to get away from the
> problems of "shared" servers.
>

I'd look at nostr for this, which should be compatible with solid(-lite) too

https://nostr-resources.com/

I'll do an integration quite soon after finishing the first solid-lite
server

Feel free to raise issues:

https://github.com/solid-lite/draft-spec/issues

We can start to move some of the discussions off the mailing list

>
>
> David
>
>

Received on Thursday, 2 November 2023 13:32:00 UTC