Re: Was mandating WebIDs be IRIs ever discussed (as opposed to them 'just' being URIs)? from Melvin Carvalho on 2022-07-04 (public-webid@w3.org from July 2022)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Mon, 4 Jul 2022 21:09:10 +0200
To: Nathan Rixham <nathan@webr3.org>
Cc: Eric Jahn <eric@alexandriaconsulting.com>, Kingsley Idehen <kidehen@openlinksw.com>, public-webid <public-webid@w3.org>
Message-ID: <CAKaEYhLOWSKDOdg-Yo0gcpooBK8zKQR7bD5CxwuAaUPLVMid2Q@mail.gmail.com>
On Mon, Jun 27, 2022 at 8:15 PM Nathan Rixham <nathan@webr3.org> wrote:

> I guess WebID can be any... Something used in WebID-TLS may need to be
> http(s).
>

We actually nailed the initial definition of WebID at TPAC, based on a
formulation you came up with on IRC.

This later went to the group and there was some to and fro regarding
redirects -- long story short, timbl didnt like redirects because they're a
pain -- others felt 303 was a worthwhile deployment pattern, but this
always muddies the waters

It was a branding exercise, to create a practical definition that folks
might use.  Whether or not that exercise was a success is debatable, but
better to get behind something and build, than argue about fine print.

That was about 8 years ago, and since then things have stalled.  Though
there was some movement in the last year, IMHO we'd benefit from a chair to
drive things forward, but unsure if anyone has time for that

There's currently some momentum towards completing the draft spec, and
modernizing it a bit.  For example to add JSON-LD and a context, is
generally regarded as a good thing.  That's somewhat political though.

I would favour at some point a clean modern webid 2.0 spec, which was
simple, minimalist, practical.  But at the same time, is there a need for
it?  Having yet another w3c spec that fewer than 100 people use is a bit
cringe.  So we're a bit stuck in general.

Is there a pressing need to have IRI's and webid.  On some reflection, I
think that unicode characters could increase the attack surface.  Is there
some limitation in ascii chars?  It also plays nicely with subdomains,
which we decided to use for webid's in Solid etc.


>
> On Mon, 27 Jun 2022, 19:11 Eric Jahn, <eric@alexandriaconsulting.com>
> wrote:
>
>> Why does it have to be an HTTP IRI?  Why not, just an IRI (any protocol)?
>>
>> Eric Jahn
>> CTO/Data Architect
>> Alexandria Consulting LLC
>> St. Petersburg, Florida
>> 727.537.9474
>> alexandriaconsulting.com
>> WebID <https://alexandriaconsulting.com/files/eric_jahn.rdf#me>
>>
>>
>> On Mon, Jun 27, 2022 at 1:22 PM Kingsley Idehen <kidehen@openlinksw.com>
>> wrote:
>>
>>> On 6/27/22 10:52 AM, Pat McBennett wrote:
>>>
>>> Hi,
>>>
>>> I just wanted to first ask if anyone here knew of any existing
>>> discussions at all (either here in this mailing list (as I can't find
>>> anything directly relevant when I search this list for 'IRI'), or anywhere
>>> else public) on updating the current statement in the draft spec [1] (i.e.,
>>> ""A WebID is an HTTP URI") to use the term IRI instead of URI?
>>>
>>> (Note: I'm very deliberately not even mentioning the term HTTP in that
>>> definition - as that is a completely separate discussion point (i.e.,
>>> getting into DIDs and IPFS, etc.))
>>>
>>> I don't pretend to know the history behind efforts to definitively
>>> define what an IRI is - but I understand that IETF 3987 [2] never actually
>>> became an official standard (or did it?).
>>>
>>> I understand that the whole area of clearly defining what we mean by
>>> URL, URI, or IRI is probably still a mess. This was brilliantly articulated
>>> back in 2016 in this blog entry [3] by the maintainer of cURL (Daniel
>>> Stenberg): "Not even curl follows any published spec very closely these
>>> days...There’s no unified URL standard and there’s no work in progress
>>> towards that. I don’t count WHATWG’s spec as a real effort either".
>>>
>>> The reason I ask this question at all is because the RDF 1.1 Concepts
>>> and Abstract Syntax makes it explicitly clear that all identifiers in RDF
>>> are IRIs (as defined by IETF 3987, so whether that is an official standard
>>> or not), and it's clear from section "3.2 IRIs" that the reason for RDF
>>> explicitly stating the use of IETF 3987 IRIs over URIs is:
>>>   "IRIs are a generalization of URIs [RFC3986] that permits a wider
>>> range of Unicode characters."
>>>
>>> Therefore I interpret that as saying that RDF mandates IRIs so as to be
>>> as inclusive as possible of character sets to allow people from all around
>>> the world to use their native languages to mint identifiers. (Seems like
>>> quite a laudable intent to me!)
>>>
>>> So my question, simply re-stated, is: has anyone discussed the idea of
>>> mandating WebIDs be IRIs too, for the same reason - i.e., to explicitly be
>>> as inclusive as possible of global character sets?
>>>
>>> (Seems to me like WebID has *even more* reason to be explicitly
>>> inclusive of character sets for identifiers than RDF even, since WebIDs are
>>> expressly intended to identify people (as well as organizations, and IoT
>>> devices, and 'agents', etc.))
>>>
>>> Cheers,
>>>
>>> Pat.
>>>
>>> 1 -
>>> https://www.w3.org/2005/Incubator/webid/spec/identity/#:~:text=a%20given%20Server.-,WebID,A%20WebID%20is%20a%20URI%20with%20an%20HTTP%20or%20HTTPS%20scheme,-which%20denotes%20an
>>> 2 - https://www.ietf.org/rfc/rfc3987.txt
>>> 3 - https://daniel.haxx.se/blog/2016/05/11/my-url-isnt-your-url/
>>>
>>> *Pat McBennett*, Technical Architect
>>>
>>> Contact  | patm@inrupt.com
>>>
>>> Connect | WebID <http://pmcb55.inrupt.net/profile/card#me>, GitHub
>>> <https://github.com/pmcb55>
>>>
>>> Explore  | www.inrupt.com
>>>
>>>
>>>
>>> This e-mail, and any attachments thereto, is intended only for use by
>>> the addressee(s) named herein and may contain legally privileged,
>>> confidential and/or proprietary information. If you are not the intended
>>> recipient of this e-mail (or the person responsible for delivering this
>>> document to the intended recipient), please do not disseminate, distribute,
>>> print or copy this e-mail, or any attachment thereto. If you have received
>>> this e-mail in error, please respond to the individual sending the message,
>>> and permanently delete the email.
>>>
>>>
>>> Hi Pat,
>>>
>>> Long story short, your point is valid.
>>>
>>> Challenge:
>>>
>>> Evolving the WebID spec is fundamentally difficult, IMHO.
>>>
>>> A WebID should be an HTTP IRI that denotes an Agent.
>>>
>>> How that becomes part of the spec is a completely different matter :(
>>>
>>> --
>>> Regards,
>>>
>>> Kingsley Idehen 
>>> Founder & CEO
>>> OpenLink Software
>>> Home Page: http://www.openlinksw.com
>>> Community Support: https://community.openlinksw.com
>>> Weblogs (Blogs):
>>> Company Blog: https://medium.com/openlink-software-blog
>>> Virtuoso Blog: https://medium.com/virtuoso-blog
>>> Data Access Drivers Blog: https://medium.com/openlink-odbc-jdbc-ado-net-data-access-drivers
>>>
>>> Personal Weblogs (Blogs):
>>> Medium Blog: https://medium.com/@kidehen
>>> Legacy Blogs: http://www.openlinksw.com/blog/~kidehen/
>>>               http://kidehen.blogspot.com
>>>
>>> Profile Pages:
>>> Pinterest: https://www.pinterest.com/kidehen/
>>> Quora: https://www.quora.com/profile/Kingsley-Uyi-Idehen
>>> Twitter: https://twitter.com/kidehen
>>> Google+: https://plus.google.com/+KingsleyIdehen/about
>>> LinkedIn: http://www.linkedin.com/in/kidehen
>>>
>>> Web Identities (WebID):
>>> Personal: http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i
>>>         : http://id.myopenlink.net/DAV/home/KingsleyUyiIdehen/Public/kingsley.ttl#this
>>>
>>>
Received on Monday, 4 July 2022 19:09:39 UTC