Re: Question/idea: Self-contained WebID

Hi Brian,

Quoting Kingsley Idehen (2014-05-27 20:22:22)
> On 5/27/14 1:08 PM, Brian Allen Vanderburg II wrote:
>> OpenID requires third party identity providers.  That means that I 
>> don't really "own" my identity,

>> I'm only vaguely familiar with WebID.  It seems like it works by 
>> storing a client certificate on the user's computer.  But it still 
>> seems to require a public server for access to the WebID foaf.rdf 
>> file. Would it not be possible for a client/browser to implement it's 
>> own way of storing that file and sending it to a server when 
>> attempting to use WebID for authentication and login, so that it 
>> would remove the need of some hosting provider or server from storing 
>> it.  The idea there would be to allow the user to own their identity 
>> entirely, without any need of an external provider or server to host 
>> the file, perhaps allowing for ID by the key fingerprint.


> To answer your fundamental question, the answer is yes. WebID, 
> WebID-TLS, WebID-Profile, and WebACLs are all about loosely coupling 
> the critical pieces that collectively facilitate identity controlled 
> and managed by you.

I believe what Kingsley hints at is that...

 * WebID need no server (that's specific to WebID-TLS - if at all)!

Seems to me that WebID is *perfect* for your use case.

I think that this use case of yours could help others understand how 
WebID, WebID-TLS, WebID-Profile and WebACLs are building blocks, that 
can be used in multiple ways - yours being one of them.

Would you be interested in working on refining your use case, and have 
it proof-read by people at this list, to ensure you are staying within 
the boundaries of the building blocks, not deriving from them?


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private