Re: Extending the WebID protocol with Access Delegation

On 17 Aug 2012, at 11:11, Dominik Tomaszuk <ddooss@wp.pl> wrote:

> On 17.08.2012 10:56, Olivier Berger wrote:
>> 
>> Is the On-Behalf-Of header necessary ?
> +1
> I propose to this step in my Ph.D. thesis URI query string
> ?secretaryof=_encoded_URI

You mean the resource you are requesting would have that attribute value?  How would a client know when it should add that attribute-value pair to a URI? Every resource on the internet would then need to follow this convention, which means URIs would no longer be opaque. This seems unworkable. 

But there is something to the idea. If you do that, why not have a different URI for each view on the resource? If you do that then there is no more an issue with different people having different representations for the resource. The resource would return the same view to all people who are able to access it. This may indeed be more RESTful (one would have to look into it)

Question: But then how can the server tell the secretary that she can only give this to Jack?

Answer: The resource would have to make some claim to the client in the header, that only some group of agents should see the resource. 
   That would perhaps be a way of turning things around. Then the secretary is added just as another user to the ACL - as Kingsley would like - but the resource is returned with a header saying that the secretary can only read it but only republish it to Joe.

Henry

> 
> Cheers,
> Dominik

Social Web Architect
http://bblfish.net/

Received on Friday, 17 August 2012 20:10:21 UTC