- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Mon, 19 Nov 2012 21:55:48 +0100
- To: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
- Cc: public-webid@w3.org
- Message-ID: <CAKaEYhJFSKOjRr-QB5fMdjXPjc_=2rSbE_virTTA6PuaZ=vZaA@mail.gmail.com>
On 19 November 2012 21:36, Ted Thibodeau Jr <tthibodeau@openlinksw.com>wrote: > > **** On 11/19/12 10:23 AM, Henry Story wrote: > >>>> I have updated the picture and put Tim Berners Lee as the example. > >>>> I think it is really important to have a real person be the reference > of the WebID for explanatory reasons. People need to be able to do an http > GET on a real URI and see that it actually does work. They must also know > that the person in the real world exists, because otherwise we have to > create a fictional character, and there will be a tendency for that > fictional character to be thought of as just a diagrammatic person - making > it difficult to help people distinguish between symbolic elements and real > elements. > >>>> > >>>> Henry > > > *** On Mon, Nov 19, 2012 at 11:49 AM, Kingsley Idehen wrote: > >>> Now that we have the depiction in place, it's really important to use > this context to explain *indirection*. > >>> > >>> Note: the URIs in this document should be user agent accessible. Right > now, I can't access TimBL's WebID: < > http://www.w3.org/People/Berners-Lee/card#i> as shown via: > http://linkeddata.uriburner.com/about/html/https/dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html. If done right, his URI/WebID would be exposed a value of sioc:links_to > property. > >>> > >>> Back to indirection. > >>> When used in the Linked Data context, a hash URI uses *implicit* > indirection to enable critical look-up association between a URI that > denotes an entity and the URL used to locate said entity's description > document. The same thing happens re. DBpedia's hashless URIs, but the > indirection is *explicit* and requires the user agent to handle 303 > redirection to the URL of the entity description document. This is all > about abstraction and data access by reference. While the aforementioned > pattern is old, HTTP really brings it to the masses in manner that's a lot > easier to appreciate. > >>> > >>> An Identity Provider (the issuer of X.509 certificates) SHOULD be able > to mint hash or hashless HTTP URIs re. WebIDs placed in the SAN slot of an > X.509 certificate. That's the pattern in broad use today re. Linked Data, > as exemplified by most of the LOD cloud. > > > ** On Nov 19, 2012, at 12:00 PM, Andrei SAMBRA wrote: > >> You're going back on what we've agreed on in the last teleconf. The > consensus was that all NEW WebIDs MUST contain the hash, but verifiers > should not fault on hashless ones. It's been marked in red as an issue, but > it's difficult to spot at this point (no HTML markup when looking at the hg > raw file). > > That's not an accurate description of the last telecon. > > There was no such consensus. > > There was a majority opinion, but there was some waffling in > that majority, and even TimBL conceded (or so I heard, quietly > spoken, and sadly not captured in the minutes which tend to be > cursory at best when discussions get particularly involved) that > the hash need not be *required* in the *conceptual* spec -- even > if it were to be required in (one of) the (1.0) *protocol(s)*. > > The WebID *definition* in the *conceptual* spec, need not > specify, need not require, the hash. > > The WebID *definition* should simply specify a HTTP URI. > > (We've conceded that because of the unfortunate specificity of > "Web" in "WebID", that it may specify an "HTTP URI", even though > we strongly believe that this is a needless limitation, and will > force development of another standard because the requirement of > backward compatibility will force all future iterations of WebID > to have this same limitation.) > > > > >>> An Identity Verifier (what performs WebID authentication e.g., over > TLS) needs to be able to simply de-reference an HTTP URI (as other user > agents do e.g., browsers, curl etc.) . Having them only look for hash based > HTTP URIs is an unnecessary limitation. > >> > >> Maybe this is something we should discuss further. How do we process > WebIDs? We could open an issue for it. > >> > >>> A profile document publisher (who doesn't have to be an IDP per se.) > SHOULD be encouraged to use hash based HTTP URIs to denote entities > described by its profile documents since this style of URI inherits the > deployment cost effectiveness associated with *implicit* indirection re., > Linked Data deployed using hash HTTP URIs. > >>> > >>> All: > >>> > >>> These nuances are important. The thing to be prevented, above all > else, is having WebID over TLS based verifiers coded to parse for hash > based HTTP URIs instead of HTTP URIs. This also means not treating 303 as a > fault since that's all about *explicit* redirection which can be used for > the very indirection required by the Linked Data concept. > >>> > >>> The performance headache (real or perceived) shouldn't be the basis > for making this kind of decision. > >>> > >>> Examples of the importance of these issues re. interoperability: > >>> > >>> 1. hashless URIs enable simply integration of Facebook, Twitter, > LinkedIn, and many other Web 2.0 data spaces into Linked Data -- today, any > Facebook, LinkedIn, Twitter etc. user can acquire a fully functional WebID > that verifies with the WebID authentication protocol via the click of a > button > >> > >> Facebook has hash URIs. A _billion_ hash URIs. > > Please note that those hash URIs are not WebIDs. > > > >>> 2. there are already numerous WebIDs out in the field that are > hashless . > >>> > >>> The cost of hash specificity is too high and the reward too low. There > is a middle line that will work fine for everyone. > > * On Nov 19, 2012, at 12:01 PM, Henry Story wrote: > > > > For this you need to put up an issue in the issue tracker > > > > http://www.w3.org/2005/Incubator/webid/track/ > > > > in the product WebID-definition. Point to this e-mail for details. > > ISSUE-69 exists for this purpose. > > http://www.w3.org/2005/Incubator/webid/track/issues/69 > > The name/description was short-handed to get it into place before > being forgotten. To my eyes, your (Henry's) "additional notes" in > that issue reflect less of what actually happened in the telecon, > and more of what your interpretation of the conversation was. > > There are strong arguments for both hashed and hashless URIs. > I see this these arguments as reason to permit both, and to > include some discussion of the strengths and weaknesses of each > in the documents we produce -- including both the costs of lookup > on 3xx redirection (both client- and server-side) and the increased > flexibility that may be provided by such explicit indirection, vs > the lower cost of lookup without 3xx redirection and the limited > flexibility mandated by this implicit indirection. > I've been wondering for some time now what you gain from the 303 dance. Sorry if I've missed something, but could you go over the benefits of having, say http://graph.facebook.com/dave over http://graph.facebook.com/dave# > > > Be seeing you, > > Ted > > > -- > A: Yes. http://www.guckes.net/faq/attribution.html > | Q: Are you sure? > | | A: Because it reverses the logical flow of conversation. > | | | Q: Why is top posting frowned upon? > > Ted Thibodeau, Jr. // voice +1-781-273-0900 x32 > Senior Support & Evangelism // mailto:tthibodeau@openlinksw.com > // http://twitter.com/TallTed > OpenLink Software, Inc. // http://www.openlinksw.com/ > 10 Burlington Mall Road, Suite 265, Burlington MA 01803 > Weblog -- http://www.openlinksw.com/blogs/ > LinkedIn -- http://www.linkedin.com/company/openlink-software/ > Twitter -- http://twitter.com/OpenLink > Google+ -- http://plus.google.com/100570109519069333827/ > Facebook -- http://www.facebook.com/OpenLinkSoftware > Universal Data Access, Integration, and Management Technology Providers > > > > > > > >
Received on Monday, 19 November 2012 20:56:17 UTC