Re: Webid Editor/Author issue from Melvin Carvalho on 2013-05-29 (public-webid@w3.org from May 2013)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 29 May 2013 16:02:07 +0200
To: Henry Story <henry.story@bblfish.net>
Cc: Coralie Mercier <coralie@w3.org>, Olivier Berger <olivier.berger@telecom-sudparis.eu>, public-webid Group <public-webid@w3.org>
Message-ID: <CAKaEYhK_9i0AV9FrWwgx0EqNhAUNZXZNNxeTpZ6+ZCzhD7gGYw@mail.gmail.com>
On 29 May 2013 12:46, Henry Story <henry.story@bblfish.net> wrote:

>
> On 29 May 2013, at 12:43, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
>
> >
> >
> >
> > On 29 May 2013 12:27, Henry Story <henry.story@bblfish.net> wrote:
> >
> > On 29 May 2013, at 12:00, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> >
> >>
> >>
> >>
> >> On 29 May 2013 10:29, Henry Story <henry.story@bblfish.net> wrote:
> >>
> >> On 29 May 2013, at 10:08, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> >>
> >>>
> >>>
> >>>
> >>> On 29 May 2013 09:29, Henry Story <henry.story@bblfish.net> wrote:
> >>>
> >>> On 29 May 2013, at 01:14, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> >>>
> >>>>
> >>>>
> >>>>
> >>>> On 28 May 2013 11:14, Olivier Berger <
> olivier.berger@telecom-sudparis.eu> wrote:
> >>>> Hi.
> >>>>
> >>>> In the discussion about the potential use of WebID + TLS as a mean to
> >>>> sign-in to Debian Web services/apps, we somehow came to the conclusion
> >>>> [0] that it could be used provided that we establish trust in WebIDs
> >>>> presented by users, only if they are signed with a GnuPG signature
> made
> >>>> by an existing Debian contributor, leveraging the existing Debian
> GnuPG
> >>>> Web of Trust [1].
> >>>>
> >>>> This use of an existing GnuPG WoT, which is essentially distributed,
> >>>> fits well with many interesting aspects of WebID (under control of the
> >>>> user, etc.).
> >>>>
> >>>> Wrt Linked Data, this is not exactly optimal : GPG signatures apply
> for
> >>>> documents and not triples, so the model is not as elegant as we'd want
> >>>> it ? I guess other signature mechanisms could be more Linked Data
> proof,
> >>>> and may make more sense wrt WebID and trust.
> >>>>
> >>>> Has this topic of trust wrt WebID been discussed already ?
> >>>>
> >>>> Manu Sporny, who wrote the original WebID+TLS spec,
> >>>
> >>> Saying that he wrote the original WebID+TLS spec is pure fantasy. He
> helped host
> >>> the group for a while. The spec has it's origins way before Manu's
> intervention.
> >>> He never participated in the WebID Incubator group.
> >>> As a result I have removed his name as a author from the latest spec
> drafts,
> >>> given that he is in fact publically arguing against WebId. His name
> >>> remains in the contributors section though.
> >>>
> >>> You could be right, though that may be slightly harsh.
> >>>
> >>> I seem to recall that Manu made a big contribution to putting the spec
> into a professional format.
> >>
> >> That may be. But that makes him a contributor, not an author or an
> editor. And so I have kept him as a
> >> contributor.
> >>
> >>>
> >>> Manu left the working group,
> >>
> >> He never joined as far as I recall, so he could not have left.
> >>
> >>> among other reasons, because he felt that there would be greater
> adoption in the short to medium term, without the hard dependency on X.509
> certificates.  This was also the feedback we (Manu and I) got when speaking
> to Canonical on a conf call about getting WebID into Ubuntu.
> >>
> >> I was not at that call. So I am not sure what was said. Manu's aims
> were very different from what the group
> >> here was trying to do. His work may be compatible with what we are
> doing, as most standards in the end should
> >> be.
> >>
> >> From the normative webid site webid.info, if you click on spec you
> come to:
> >>
> >> http://www.w3.org/2005/Incubator/webid/spec/
> >>
> >> Authors:
> >>
> >> Manu Sporny, Digital Bazaar, Inc. msporny@digitalbazaar.com
> >> Toby Inkster
> >> Bruno Harbulot
> >> Reto Bachmann-Gmür
> >>
> >> The first draft of which was
> >>
> >> http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100711/
> >>
> >> Manu was the sole editor of this spec, with Henry and Toby as Authors
> >>
> >> Previous Version
> >>
> >> http://www.w3.org/2008/09/msnws/papers/foaf+ssl.html
> >>
> >> IMHO, the previous version was more a position paper than a
> specification.
> >>
> >> Significant edits were made in the following weeks, where stephane was
> also made an editor (and henry remained an author)
> >>
> >> http://www.w3.org/2005/Incubator/webid/spec/drafts/ED-webid-20100809/
> >>
> >> So, I think it was a slightly harsh decision to single him out.
> >
> > The edits are in the mercurial repository.
> > https://dvcs.w3.org/hg/WebID/log/6ec1b5126712/index-respec.html
> >
> > Different people contributed, manu integrated these contributions,
> > and his contributions were mainly editorial, not authorial.
> > And so he was listed as one of the editors on those specs.
> >
> > But since he has not contributed for the last three years, ( his last
> > contribution on July 2010 ) and was not present in the Incubator
> > we have put him as contributor.
> >
> > Unless one of us has travelled in time, I think you mean he HAS
> contributed in the last 3 years. :)
>
> Ok if you want to be picky: he has not contributed in the past 2 years and
> 10 months.
> The Incubator Group started on 14 January 2011
>

I'm not trying to be picky.  Just that your statement was inconsistent.
You may even note that Manu posted on the webid mailing list as recently
last month.

In a short space of time, Manu turned a collection of blog posts, wiki
pages and a position paper, into a spec.  Much of which survives today in
terms of structure, naming and definition.  He also provided an open source
implementation, and would have done much more, had there been a more
welcoming environment.

>
>
> So his last contribution was way before the start of this group.
>

And so?  The same is true of other authors listed.


>
> >
> >
> > I think this is pretty clear.
> > It may be that we need to remove him as editor or author from all the
> > recent historical versions of the WebID spec to be consistent.
> >
> >
> > Henry
> >
> >>
> >>
> >>>
> >>>
> >>>
> >>>> put together another spec, WebKeys, to be used for encrypting and
> signing messages.
> >>>>
> >>>> https://payswarm.com/specs/source/web-keys/
> >>>>
> >>>> Could this solve the problem?
> >>>>
> >>>> I'm unsure what you want to sign, the webid itself, the webid profile
> page, or the triples associated with the agent ...
> >>>>
> >>>>
> >>>> I guess it could make an interesting use case anyway.
> >>>>
> >>>> Any comments ?
> >>>>
> >>>> Best regards,
> >>>>
> >>>> [0] http://lists.debian.org/debian-devel/2013/05/msg01098.html
> >>>> [1]
> http://www.debian.org/doc/manuals/developers-reference/new-maintainer.html#registering
> >>>> --
> >>>> Olivier BERGER
> >>>> http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id:
> 2048R/5819D7E8
> >>>> Ingenieur Recherche - Dept INF
> >>>> Institut Mines-Telecom, Telecom SudParis, Evry (France)
> >>>>
> >>>>
> >>>>
>
> Social Web Architect
> http://bblfish.net/
>
>
Received on Wednesday, 29 May 2013 14:02:39 UTC