Re: Web Identity 1.0 -- Draft Spec

On 1/9/14 11:04 PM, Timothy Holborn wrote:
> If you decoupled the apps in Ods from the ods rww-ld storage 
> environment, how would it work?
>
> Say, the addressbook, the briefcase, bookmarks are stored separately 
> on one or more rww-ld storage services / accounts.
>
> Would people have to use your ods storage platform? (Understand their 
> currently components?)
>

No!

ODS (OpenLink Data Spaces) is simply a collection of controllers for 
producing 5-Star Linked Data and orchestrating I/O operations on said 
data. That's it.

The Calendar, AddressBook, Briefcase, and other applications are simply 
Linked Data defined using relevant ontologies. Here's a simple breakdown:

Calendar -- iCalendar (meaning: you have the ability to access this data 
in RDF based Linked Data form or iCal)
AddressBook -- ditto but for vCard
Briefcase -- this is just HTTP/WebDAV with extensions for ACLs and the 
ability to mount 3rd party folders via their APIs (e.g., Dropbox, Sky 
Drive, Google Drive, Amazon S3 etc..).

> Say, I want to migrate my data to another platform, or say - I set-up 
> a company, and want to migrate the r&d records to a separate data 
> space, does it have to be ods?

No!

This game is all about letting Data flow between Data Spaces. ODS is 
just about enabling you achieve these goals at a higher level, you can 
do the same by hand to. Every ODS app has a high level Import/Export 
feature while also supporting content negotiation against data 
object/item URIs.

>
> Like a FAT hdd, do I have to use one? Can I go get another and easily 
> transfer the records with the ability to easily navigate to the new 
> locations?

Of course.

>
> What are the baseline "apps" for the "cloud storage" (rww-ld) 
> platform, and what standards are required to make that work in a 
> distributed environment.

Existing Web standards :-)

>
> I very much appreciate the enormous contributions made by the members 
> of the list, and my "newbie" status ;) I've been working in it in 
> different ways since 2000, but from different levels, and the 
> standards kinda work is an exciting (with all humility) new step.
>
> All seems a bit like creating a new "Linux" in a way, same same but 
> different ;)
>

I would say, this is modern Unix with a hypermedia twist, due to the 
incorporation of HTTP URIs :-)

> If people are to get what we're trying to gift them, it can't rely 
> upon an existing "hosted" id: it can of course be linked: but therein 
> are the semantics of a freeman.
>
> Lots of food for thought.  Thank you.

Okay :-)

Kingsley
>
> Sent from my iPad
>
> On 10 Jan 2014, at 7:50 am, Kingsley Idehen <kidehen@openlinksw.com 
> <mailto:kidehen@openlinksw.com>> wrote:
>
>> On 1/9/14 10:21 AM, Timothy Holborn wrote:
>>> I think I've used, built every known webid enabled service / system 
>>> / platform out there, i'll make a list at some stage: from a user 
>>> perspective, it's very confusing...
>>
>> Again, WebID is a colloquialism (so to speak) for an HTTP URI that 
>> denotes an Agent i.e., an Entity that's of type foaf:Agent. That's it.
>>
>> You are using a WebID whenever you de-reference (lookup) the 
>> description of what an HTTP URI denotes, where the referent of said 
>> URI is a person, organization, software, robot, or anything else 
>> capable of mechanized operations.
>>
>>>
>>> I honestly do not think it describes a human well, or acknowledge a 
>>> specific human on a keyboard.
>>
>> A WebID doesn't describe a human. It denotes a human. Basically, in 
>> regards to Linked Data, an HTTP URI (e.g., a WebID) functions like a 
>> "Term" in that it resolves to a description of what it denotes i.e., 
>> its referent [1].
>>>  It's a necessarily element, like a bank-card to an account holder - 
>>> but the card or the account, is not the person and the account / 
>>> card can be labelled as to describe a relation, rather than the 
>>> person: therein, agent.
>>
>> A bank card (or any other identity card) is like a profile document 
>> comprised of identity oriented claims that are verifiable by the 
>> card's issuer. Hence my reference to "Identity Card" which is what a 
>> WebID resolve to etc..
>>
>> An Identity Card is comprised of a collection of statements about a 
>> Subject. The Subject in question still needs to be denoted by an 
>> identifier, so you end up with two distinct things:
>>
>> 1. Identifier that denotes the description subject -- entity of type 
>> foaf:Agent
>> 2. Identifier that denotes the description document -- entity of type 
>> foaf:Document .
>>
>>>
>>> Webid to users means login with a certificate.
>>
>> Yes, I will concede that the misconception in question is real. Its 
>> the by product of an initial narrative that overreached  :-(
>>
>>>  I've now got so many certificates, and I think I've even lost some 
>>> - don't even remember the services I lost them from; and let's not 
>>> get into early bitcoin mining testing; anyhow, it probably should 
>>> mean, I have authorised devices, accounts, relationships, 
>>> agreements: that can do predefined tasks without my direct 
>>> intervention (unless I've set out a flag, or whatever).
>>
>> Having many identifiers and identity cards is a good thing. Entropy 
>> is ultimately how we are going to get out of the current privacy mess 
>> created by Web 2.0 patterns and solutions.
>>
>>>
>>> So, I recon the identity chain isn't finished yet, unless everything 
>>> is public except for what programmers develop and manage 
>>> specifically, which isn't the mission...
>>
>> The identity chain cannot be a static thing. The conceptual 
>> dependency graph is already in place due to the existence of relevant 
>> open standards, covering all the key impact areas.
>>
>> Our biggest challenge boils down to getting out of the habit of 
>> creating new standards afresh, from limited industry knowledge and 
>> experience, as a gut reaction to emergent problems.
>>
>>>
>>> Leaky abstraction threatening standards interoperability (not many 
>>> webid users out there ATM) vs. one ring to rule them all - there's a 
>>> few other options...
>>
>> No, the is but one option: use existing open standards (where such 
>> exist) to solve current and future problems. This is what the 
>> architecture of the World Wide Web has put on a platter for years, 
>> but there remains a tendency to not thoroughly understand the 
>> dexterity inherent in this utterly wonderful piece of work!
>>
>>>
>>> In theory, every user becomes an identity provider to some level: 
>>> even if it's simply acknowledging they own a computer and an account 
>>> where they provide access to resources to others.
>>
>> Every user has to be their own identity provider. It shouldn't 
>> require ownership of a domain. It should simply boil town to 
>> verifiable identity card ownership and authorship.
>>
>>>
>>> At the moment, identity providers are centralised.  So I think it's 
>>> functionally quite different.
>>
>> See my comments above. I have zero interest in centralized solutions 
>> because they are all inherently flawed, especially in the context of 
>> the World Wide Web.
>>
>>>
>>> Just ideas, I'll keep thinking.
>>>
>>> Notes below.
>>>
>>> Sent from my iPad
>>>
>>> On 10 Jan 2014, at 1:04 am, Kingsley Idehen <kidehen@openlinksw.com 
>>> <mailto:kidehen@openlinksw.com>> wrote:
>>>
>>>> On 1/8/14 10:27 PM, Timothy Holborn wrote:
>>>>> re: G+[1] i agree with Kingsley almost; and the underlying 
>>>>> differentiation, is in seeking to define 'persona' as a separate 
>>>>> 'identity' for the purpose of identity management.
>>>>>
>>>>> Some ideas (sorry for the length; ideas are still draft).
>>>>>
>>>>> *WEBID*
>>>>> There's a couple of different sorts of 'things' that interact. 
>>>>>  WebID seems to make the most sense for 'things that speak 
>>>>> internet' (and knows what to do with a cert).
>>>>> WebID [2] seems to provide a method to deploy x509 with RDF, which 
>>>>> is beneficial for IoT / WoT; therefore reinforcing identity / 
>>>>> privacy methods, especially when applied to an RWW Account (LDP / 
>>>>> RDF + storage + base services
>>>>
>>>> Not really. A WebID is a term that refers to the use of HTTP URIs 
>>>> for denoting (naming or "referring to") agents (entities such as 
>>>> people, organizations, sofware, robots, and anything else capable 
>>>> of mechanized operation). Its sole purpose is entity denotation, 
>>>> that's it.
>>>>
>>> http://www.w3.org/wiki/WebID Or updated version 
>>> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index.html
>>>
>>>> Unfortunately, during the early days of WebID, it got conflated 
>>>> with  Discovery and Authentication, as reflected in your 
>>>> characterization above re. X.509  and RDF.
>>>>
>>>> In recent times the following have been established to be distinct:
>>>>
>>>> 1. WebID
>>>
>>> So, foaf?  What's different here from foaf.
>>
>> See my earlier comments about what a WebID is about.
>>
>> Links:
>>
>> [1] http://bit.ly/15tk1Au -- HTTP URI based denotation illustrated .
>>
>>
>> -- 
>>
>> Regards,
>>
>> Kingsley Idehen 
>> Founder & CEO
>> OpenLink Software
>> Company Web:http://www.openlinksw.com
>> Personal Weblog:http://www.openlinksw.com/blog/~kidehen
>> Twitter Profile:https://twitter.com/kidehen
>> Google+ Profile:https://plus.google.com/+KingsleyIdehen/about
>> LinkedIn Profile:http://www.linkedin.com/in/kidehen
>>
>>
>>
>>


-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen