Re: Webkeys, OpenID, WebID, OAuth etc..

On 22 April 2013 23:25, Dave Longley <dlongley@digitalbazaar.com> wrote:

> On 04/22/2013 03:35 AM, Henry Story wrote:
>
>> On 22 Apr 2013, at 05:27, Manu Sporny <msporny@digitalbazaar.com> wrote:
>>
>>  On 04/21/2013 10:53 PM, Dave Longley wrote:
>>>
>>>> On 04/21/2013 05:26 PM, Henry Story wrote:
>>>>
>>>>> In other words, your false claim about a "very complicated
>>>>>> non-decentralized protocol" is still rooted in your continued
>>>>>> disinterest in understanding what we implemented.
>>>>>>
>>>>>>  Can you find a mail where you publically explained how this
>>>>> worked?
>>>>>
>>>> Yes, I can find those and so can you. Search the foaf-protocols
>>>> list, for instance.
>>>>
>>> August 10th, 2010 - Dave Longley explains the JavaScript+Flash-based
>>> WebID+TLS protocol:
>>> http://lists.foaf-project.org/**pipermail/foaf-protocols/2010-**
>>> August/003249.html<http://lists.foaf-project.org/pipermail/foaf-protocols/2010-August/003249.html>
>>>
>>> August 13th, 2010 - Henry Story responds to the thread:
>>> http://lists.foaf-project.org/**pipermail/foaf-protocols/2010-**
>>> August/003287.html<http://lists.foaf-project.org/pipermail/foaf-protocols/2010-August/003287.html>
>>>
>> Good so I suppose with hindsight the idea of a Flash WebID+TLS
>> protocol did not sound like such a good idea. As you see
>>
>
> There is still a misunderstanding. We didn't create that technology in
> order for us to pursue it. We created it to help *you* make the WebID
> technology more viable. Based on your comments and assumptions regarding
> Web Keys, you still don't understand this.
>
> You weren't interested in what we created and didn't believe that there
> would be any issues with people widely-adopting WebID as a new
> authentication strategy. When you made it very clear the technology would
> be of no use to you, we dropped work on it. We had no hard feelings about
> that, rather, we considered it to be a missed opportunity for WebID. This
> was two years ago. We didn't pursue it any further; it has nothing to do
> with the technologies that we have since developed. The reason that it went
> nowhere was because it had no chance to go anywhere; no one was working on
> it.
>
> WebID, on the other hand, has been worked on for several years now, but
> from what I can tell, it still has not been adopted by a wide audience.
> While there may be other reasons for that, I continue to believe that a
> major one is that no plan has ever been put into place to help regular web
> users transition to WebID. Again, the technology we created to try and aid
> you in this endeavor was rejected without it or its original need and
> purpose (as a transitional/catalyst mechanism) being understood.
>
> I think this lack of understanding is still true today and there is no
> transitional technology in place to get people to adopt WebID... and there
> is minimal WebID adoption on the Web. My opinion is that these things are
> strongly related, yours is not. I don't expect either of our opinions to
> change any time soon; mine will change if WebID does gain wide-adoption
> soon. I advise you to change yours if WebID does not appear to be gaining
> any significant stream in the near future.


+1

For the record, not everyone was opposed to this approach.  With the
benefit of hindsight, this could well have been the way to go.

However, at this point we have two identity systems based on HTTP URLs (ive
not mentioned authentication intentionally)

Would I be right to say, one is essentially WebID+Turtle, the other is
WebID+JSON-LD?  Do note that the WebID Identity spec is very minimalistic,
and does not mention TLS, FOAF etc.

There seems to be a reasonable amount of common ground to layer on top
either the cert ontology or the webkeys ontology, depending on what you are
implementing?


>
>
> --
> Dave Longley
> CTO
> Digital Bazaar, Inc.
>
>
>