Re: Use Cases and Requirements document for WebID from Alexandre Bertails on 2012-12-13 (public-webid@w3.org from December 2012)

From: Alexandre Bertails <bertails@w3.org>
Date: Thu, 13 Dec 2012 08:40:27 -0500
To: Henry Story <henry.story@bblfish.net>
CC: nathan@webr3.org, public-webid Group <public-webid@w3.org>
Message-ID: <50C9DACB.8070207@w3.org>
On 12/13/2012 06:19 AM, Henry Story wrote:
> [removed read-write-web]
>
> Hi Nathan,
>
>    I think Alex put that together quite quickly ( and I think he's really busy
> writing W3C validators right now ), so we'll need to do a bit of interpretation
> of what he intended, trying to use the principles of charity as far as possible
> ( ie. don't make the person you are interpreting say something nonsensical )

I find most of Nathan's points valuable. I will reflect that in my
document this week-end (can't do it earlier, time is missing).

I wish this kind of conversation had happened earlier. For me, WebID
is too much of a moving target without such a work. I believe this is
why we can't agree on definitions, we don't even agree on what we want
to accomplish, and I can't commit much time in these conditions.

Alexandre.

>
> On 11 Dec 2012, at 17:29, Nathan <nathan@webr3.org> wrote:
>
>> Henry Story wrote:
>>> Use-Cases:
>>> 	• referring to one's identity
>>
>> "one's"? are we excluding machine agents?
>>
>> I'd love to go in to detail about referring to the identity of a thing, but will simply propose this is swapped to "providing a reference to an agent", or words to that effect.
>
> yes. good point.
>
> Perhaps:
>
> "For any Agent A with a WebID w, w must globally refer to A".
>
> I would add:
>
> "For any Agent A with a WebID w, w must globally refer to A, and the meaning of w must
> be discoverable from the name w alone, such that it can be determined that w refers to A"
>
> ie. we want the meaning of the term w to be defined so that it does not require
> backchannels to grasp the meaning.
>
> I feel like adding "in a Linked Data Space", but I suppose LDP below takes care of that.
>
>>
>>> 	• WebID-based authentication
>>> 	• WebID-based authorization
>>
>> WebID-compatible, or WebID-based?
>
> My guess is that
>
> "Given that Agent A uses WebID W, W MUST be useable for Authentication and for Authorization of A".
>
> In any case those are core use cases.
>
>>
>>> Requirements:
>>> 	• one MUST be able to change one's WebID
>>
>> well... we MUST be able to have multiple WebIDs, and have a preferred or canonical one, the notion of "changing" is a bit strange within the timelessness of RDF.
>
> Again you are right. There seem to be a few subtopics here:
>
>   1. Allow any Agent A to have n number of WebIDs, where n>=0
>   2. If an Agent A is widely known to have identity w, allow a method of transition from w to a
>      new identifier w2, such that the network of trust built up on w can be transferred to w2
>
> So that seems to give us another use case:
>
>     • distributed trust or linkability
>
>>
>>> 	• one MUST distinguish a WebID (a simple URI for a Web Resource) from a WebID Profile (the Web Information Resource). This SHOULD not rely on dereferencing.
>>
>> Can we keep this to MUSTs and not SHOULDs.
>
> I think one can keep
>     • one MUST distinguish a WebID (a simple URI for a Web Resource) from a WebID Profile
>
> The "SHOULD not rely on dereferencing" part would clearly be a conclusion to be reached in some
> other way, but as an initial requirement it seems to need justification, or else we just pushed the
> 303 debate into the requirements.
>
>
>>
>>> 	• the system MUST take efficiency into account
>>
>> Which system? and efficiency of? (Network, Implementation, Inference and Querying?)
>
>    I suppose architectural efficiency. This is an engineering structure we are putting in place
> not a logical/mathematical one, so yes. This seems more like a selection principle when confronted
> with a number of possibilities.
>
>>
>>> 	• the system MUST not introduce any incompatibility with LDP, especially for Write operations
>>
>> the "especially for.." is redundant.
>
>    agree, this can be:
>
>    • the system MUST not introduce any incompatibility with LDP
>
> But that's not that interesting. I think much more interesting is a use case that
> ( I am not so keen on MUST and should .... )
>
>    • creation of account and WebID using LDP
>    • edit attributes using LDP - this is key differentiator with say OpenId Attribute Exchange
>    • restrict access to attributes of the user profile ( be able to do this with LDP )
>    • use WebID to protect any LDP resource
>
>
>>
>>> 	• the Web Profile MUST define a default representation format
>>
>> can we define "the Web Profile" here, what is it, and how does it define a default for itself?
>
> I think he meant WebID Profile, and that is already defined in the spec. Otherwise one could
> define it as the meaning that is associated with the URI.
>
> I think that the previous point gets us there, since LDP does define a default representation.
>
>>
>>> 	• the system SHOULD considerer legacy WebIDs (or FOAF/SSL) whenever possible
>>
>> please define legacy WebIDs here and swap it to a MUST or remove completely.
>
> There seems to be a number of different things here, but I still think this would be very useful to
> put together. At TPAC I had someone mention use cases for TV and Web. I think we'll get some more interesting ones as we fill up the wiki page.
>
> Henry
>
>>
>> Cheers,
>>
>> Nathan
>
>
>
>
> A short message from my sponsors: Vive la France!
> Social Web Architect
> http://bblfish.net/
>
Received on Thursday, 13 December 2012 13:40:31 UTC