- From: Henry Story <henry.story@gmail.com>
- Date: Wed, 11 Jan 2023 09:25:44 +0100
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Jacopo Scazzosi <jacopo@scazzosi.com>, Jeremy Lewi <jeremy@lewi.us>, public-webid@w3.org
- Message-Id: <13CB7031-C0CA-4516-BF4B-6AF9A76E33EE@gmail.com>
Happy New Year all, > On 10. Jan 2023, at 22:55, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > Hi All and Happy new year! > > Just wondering if there might be some movement on the WebID spec > > Could 2023 be the year that we get the spec over the line? > Don’t hold your Breath Melvin. Standards take a huge time to come together. Just look at Http Message Signatures which started in 2014 or so and is now progressing through the IETF HTTP Bis WG. https://datatracker.ietf.org/doc/draft-ietf-httpbis-message-signatures/ They have implementations from Amazon, Mastodon and many others at each stage of its development. Implementations drive standardisation. And even here the background is quite splintered, with say Mastodon using a 6 year old version. WebID is being adopted most seriously by Solid, which is progressing on a number of fronts, where WebID is a key part. The WebID specs as they are are not getting in the way it seems. Last year we made a whole bunch of editorial fixes to WebID. Nothing major that would require publishing a new version though. WebID is currently used by the following projects (I am aware of) Webid-Profile group ----------————————— They are working on profile vocabularies https://github.com/solid/webid-profile I am not following that, due to lack of time, but should pop perhaps to see where it is going. Solid OIDC ---——————— https://solidproject.org/TR/oidc-primer There is some idea of using it also to identify App instances, thinking of them as agents. That could require json-ld support in the spec, which is not unreasonable. So I think that is on the cards at some point, but there is no consensus yet, and the authors have found it easier to use another word. Http Signature -------——————— I am working on Http Signatures, which I see as the successor of WebID TLS. After writing an implementation in Scala of https://github.com/bblfish/httpSig and after implementing in a Solid Server [1] I am now writing client libraries to test the idea fully. So I will be updating the HttpSig spec soon with what I have learnt from all these implementations. https://github.com/bblfish/authentication-panel/blob/main/proposals/HttpSignature.md Here the KeyId takes a central role and could be all that is needed in a minimal setup. But linking to a KeyID is fragile, and one would prefer a more stable identifier like a WebId. And indeed they can link up as I show in that spec. Those are some of the project I know of that are using WebID. There are certainly others. Eg. WAC uses it too for access control. Henry [1] https://github.com/co-operating-systems/Reactive-SoLiD/pulls > > Best regards, > Jacopo. > > --- > > Jacopo Scazzosi > https://jacoscaz.com > https://treesandrobots.com > > > > > On 21 Jul 2022, at 22:51, Jeremy Lewi <jeremy@lewi.us> wrote: > > > > Hi Folks, > > > > What's the current status of the WebID proposal? It seems like the proposal has been around for 10+ years but hasn't become a W3C recommendation. > > > > This thread suggests that progress has stalled in part because the spec has gained very little adoption. Can anyone provide more context/opinions on why progress/adoption has stalled? Were their technical objections to the spec or was the spec solving a problem most folks didn't have? > > > > How does the future of WebID relate to DID's which I believe recently became a W3C recommendation (blog)? Would WebID be compatible or superseded by DID web? > > > > Thanks > > J > >
Received on Wednesday, 11 January 2023 08:26:09 UTC