- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Wed, 26 Sep 2012 13:58:21 -0400
- To: Kingsley Idehen <kidehen@openlinksw.com>
- CC: Ben Laurie <benl@google.com>, Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>, Andrei Sambra <andrei@fcns.eu>
- Message-ID: <5063423D.9050208@openlinksw.com>
On 9/26/12 1:10 PM, Kingsley Idehen wrote: Type fixed edition for sake of absolute clarity about my response, as edited inline. > On 9/26/12 11:48 AM, Ben Laurie wrote: >> No, the point you are missing is that in capabilities the_only_ >> authority I need to access a resource is the name of that resource - >> the URI in your case. > You can't seriously believe I am missing that point while also espousing the virtues of hyperlinks as denotation mechanisms for a global web of linked data? That doesn't compute. That's a contradiction. I've published more than enough examples [1] of resource access constrained by social relationships semantics and I encourage you to take a look and have a play. > >> Security derives from the unforgeability of the >> URI, rather than an independent system that decides if some principal >> has permission. Security is not derived from the persistence of a URI per se., its derived from the values exposed directly or indirectly via URI de-reference with logic handling guiding inference. I can have many identifiers, but relationship semantics ultimately determine if I can access a resource at an address, directly or indirectly by name reference. > >> >> The problem that best shows the critical difference betweens caps and >> ACLs is the confused deputy problem: >> http://en.wikipedia.org/wiki/Confused_deputy_problem. > Not at all! I can sign a document that makes claims about co-reference by name or value, in the absolute worst case. Note, a document is a materialized or transient view in the aforementioned data access context. Basically, that's why we relationship semantics for entailing equivalence by name, ditto. inverse functionality. These matters have been long addressed in computer science. Right now, we have a ubiquitous Web that simply let's us reapply what already exists, in newer and more profound context. At this juncture, my position hasn't changed. You haven't introduced a new insight that's incongruent with what's possible via the Web today. > > Links: 1. http://bit.ly/M7hd4T -- use of social relationship semantics to control access to a resource via sparql (basically deep integration of relationship semantics into data access via SPARQL protocol ) 2. http://bit.ly/UuWZSI -- other posts about different aspects of the same fundamental concept re. leveraging Linked Data (which is all about URIs based Names) covering semantic relationships applied to controlled resource access. -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Wednesday, 26 September 2012 17:58:49 UTC