Re: Web Identity 1.0 -- Draft Spec

I think I've used, built every known webid enabled service / system / platform out there, i'll make a list at some stage: from a user perspective, it's very confusing...

I honestly do not think it describes a human well, or acknowledge a specific human on a keyboard.  It's a necessarily element, like a bank-card to an account holder - but the card or the account, is not the person and the account / card can be labelled as to describe a relation, rather than the person: therein, agent.

Webid to users means login with a certificate.  I've now got so many certificates, and I think I've even lost some - don't even remember the services I lost them from; and let's not get into early bitcoin mining testing; anyhow, it probably should mean, I have authorised devices, accounts, relationships, agreements: that can do predefined tasks without my direct intervention (unless I've set out a flag, or whatever).

So, I recon the identity chain isn't finished yet, unless everything is public except for what programmers develop and manage specifically, which isn't the mission...

Leaky abstraction threatening standards interoperability (not many webid users out there ATM) vs. one ring to rule them all - there's a few other options... 

In theory, every user becomes an identity provider to some level: even if it's simply acknowledging they own a computer and an account where they provide access to resources to others. 

At the moment, identity providers are centralised.  So I think it's functionally quite different.

Just ideas, I'll keep thinking.

Notes below.

Sent from my iPad

> On 10 Jan 2014, at 1:04 am, Kingsley Idehen <kidehen@openlinksw.com> wrote:
> 
>> On 1/8/14 10:27 PM, Timothy Holborn wrote:
>> re: G+[1] i agree with Kingsley almost; and the underlying differentiation, is in seeking to define 'persona' as a separate 'identity' for the purpose of identity management. 
>> 
>> Some ideas (sorry for the length; ideas are still draft).
>> 
>> WEBID
>> There's a couple of different sorts of 'things' that interact.  WebID seems to make the most sense for 'things that speak internet' (and knows what to do with a cert). 
>> WebID [2] seems to provide a method to deploy x509 with RDF, which is beneficial for IoT / WoT; therefore reinforcing identity / privacy methods, especially when applied to an RWW Account (LDP / RDF + storage + base services
> 
> Not really. A WebID is a term that refers to the use of HTTP URIs for denoting (naming or "referring to") agents (entities such as people, organizations, sofware, robots, and anything else capable of mechanized operation). Its sole purpose is entity denotation, that's it. 
> 
http://www.w3.org/wiki/WebID Or updated version https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index.html

> Unfortunately, during the early days of WebID, it got conflated with  Discovery and Authentication, as reflected in your characterization above re. X.509  and RDF. 
> 
> In recent times the following have been established to be distinct:
> 
> 1. WebID 

So, foaf?  What's different here from foaf.

> 2. WebID + TLS authentication protocol -- which is based on RDF, X509, and existing PKI. 
> 
> Once we establish that a WebID is simply a denotation mechanism, the rest of the stack can take shape without falling into the usual "leaky abstraction" tar-pit i.e., where a spec fails (woefully) when it simply seeks to push an agenda rather than deliver standard interoperability via loosely coupling or related parts. Put differently, the spec fails the jigsaw-puzzle-pieces test. 
> 
> [SNIP]
> -- 
> 
> Regards,
> 
> Kingsley Idehen	      
> Founder & CEO 
> OpenLink Software     
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter Profile: https://twitter.com/kidehen
> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> 
> 
> 
> 

Received on Thursday, 9 January 2014 15:21:56 UTC