Re: Publishing updated spec documents.

Few ideas…

re: https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html
I wonder whether the term ‘person’ could be replaced with ‘actor’ (meaning legal entity effectively? - whether alone or in relation to another...) 

Idea being… from,

"A global distributed Social Web requires that each person be able to control their identity, that this identity be linkable across sites - placing each person in a Web of relationships - and that it be possible to authenticate globally with such identities."

to, (something like)….

"A Semantic Web Platform providing a distributed world wide web of meaning requires methods and systems that provide each actors the ability to control and manage their identity, and the read-write permissions of web-based resources associated to an actors identity.  In-order for this to become compliant with the vision of the semantic web, the identity must be linkable across sites - placing each actor in a Web of relationships - so that it be possible to authenticate globally identity information and directives with actors and agents.”

the old w3 Web sessions [1] inspired a few ideas about naming.  IoT/WoT (perhaps meaning both Web of Things and Web of Trust?) may seemingly provide the ability for something like a RWW Server (with ACLS) to have the capacity to approve/deny when a user is offline (using existing permissions structures, etc.); therein, agent not just person. 

Further down in 5.1 “WebID Profile Vocabulary” i think this is overly exacting; re: foaf - perhaps point to foaf? re: ontology - what others could be used? (i imagine not solely / specifically - foaf);  I envisage models where my phone as a WebID, my PC / MAC a WebID, my RWW-Server (i might have it as a person, as a company - or buy a service from someone-else.) has a WebID and my rww-server account (i might have a bunch of them and script data-storage across distributed locations, etc.) has as WebID.  Therein; in-order to authenticate and communicate i’m using both a person (me) and my agents (my things); to get to a point where i’m capable of having an ‘active web’ environment for linking resources with others. 

In effect WebID is linking a Certificate to an RDF Document.   Validation comes to mind? does that mean it needs to be a HTML+RDFa 1.1 valid document? http://www.w3.org/TR/rdfa-in-html/ ??  

Perhaps rather than specifying the style; specify the structure? I’m thinking WoT becomes important herein? 

Re: https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tls-respec.html

The document expresses "Web of trust using vocabularies such as [FOAF]” however perhaps tangentially; how is the user notified of the authenticating agent / details.  does consideration need to be made around user-notification of the entity / information in the cert… 

Underlying is the idea that a WebID exists within an existing Web of Trust.  Is there an example somewhere that shows how the "confidence level (?)” might improve in a web of WebID’s inclusive of agents (things: apps, servers, etc.) & actors (companies, people)?  

consideration being; say, i go build a Webid enabled website saying i’m an existing bank.  build a fake online banking page, with my new authentication method - asking for people to login, update. (perhaps that’s outside scope? but…) do we need some sorta guide to assess confidence level? 

second issue that’s more problematic; the relationship between a webid and openID (or other password / username); i have computer, i leave for uni / work / coffee with friend; someone in the house decides to sit at my computer and use sites that authenticate with webid..

on the other side of the coin; if a machine doesn’t have a WebID, doesn’t have the right WebID or more particularly; doesn’t have my specific WebID - then worrying about all sorts of things that are specifically related to the ‘knowledge’ of PWD/USERNAME (stored in some DB somewhere) becomes far less of an issue…  I think though, naming the certificate “my mac pro” or “alice’s MAC @ 28 WebID Valley Road” whatever; will likely become important.   

The question then becomes why issue more than one certificate to a machine is you can establish ‘alice' and ‘bob’ are friends and ‘alice’ gave ‘bob’ permission to use her computer to access his rww account...

Perhaps the spec needs to outline what WebID does not do….
  
hope there’s something useful in there...

timh.

[1] http://www.w3.org/2004/Talks/w3c10-Overview/

On 26 Feb 2014, at 4:15 am, Kingsley Idehen <kidehen@openlinksw.com> wrote:

> On 2/25/14 11:17 AM, Andrei Sambra wrote:
>> Hi all,
>> 
>> I would like to formally invite everyone to review the current version of the specs for WebID [1] and WebID-TLS [2] so that we can have a formal call this Friday (Feb 28th), at the usual time [3]. The purpose of this call will be to agree on the contents of the new documents so that the editors can finally publish them.
>> 
>> Best,
>> Andrei
>> 
>> 
>> [1] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html
>> [2] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/tls-respec.html
>> [3] http://www.w3.org/2005/Incubator/webid/wiki/Main_Page#Meetings
> 
> Andrei,
> 
> 
> Wouldn't it be prudent to separate these items in regards to voting? By that I mean, #1 shouldn't be delayed if voting for #2 is inconclusive, for instance.
> 
> We really need to get #1 out, as soon as possible.
> 
> -- 
> 
> Regards,
> 
> Kingsley Idehen	
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter Profile: https://twitter.com/kidehen
> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> 
> 
> 
> 
>