Re: "Web Identity" -> "Web Credentials"

On 5 March 2014 02:57, Manu Sporny <msporny@digitalbazaar.com> wrote:

> We're trying to clarify the terminology for the badly named "Web
> Identity" spec. While this may seem like bikeshedding, clarifying the
> terminology helps identify what the spec is and isn't about. The newest
> iteration of the specification abstract looks like this:
>
> """
> An identity is a Linked Data description of a particular entity such as
> a person or organization. A credential is a qualification, achievement,
> quality, or information about an identity's background such as a name,
> government ID, home address, or university degree. This specification
> describes mechanisms for reading credentials from and writing
> credentials to a Linked Data identity while ensuring that the
> information is only accessible to authorized applications.
> """
>


The WebID XG has spent several years trying to come up with definitions for
similar concepts.  I would veer away from this definition and have

1) an identifier that is a string that identifies an agent (person, or
corporation).  Formalize this e.g with ABNF

2) I would use the term Profile or Profile Document what what you are
calling "An Identity"



[[
WebIDA WebID is a URI with an HTTP or HTTPS scheme which denotes an Agent
(Person, Organization, Group, Device, etc.). For WebIDs with fragment
identifiers (e.g. #me), the URI without the fragment denotes the Profile
Document. For WebIDs without fragment identifiers an HTTP request on the
WebID *MUST* return a 303 with a Location header URI referring to the
Profile Document.
WebID Profile or Profile Document A WebID Profile is an RDF document which
uniquely describes the Agent denoted by the WebID in relation to that
WebID. The server *MUST* provide a text/turtle
[turtle<https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html#bib-turtle>]
representation of the requested profile. This document *MAY* be available
in other RDF serialization formats, such as RDFa
[RDFA-CORE<https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html#bib-RDFA-CORE>],
or [RDF-SYNTAX-GRAMMAR<https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html#bib-RDF-SYNTAX-GRAMMAR>]
if so requested through content negotiation. ]]


Open Questions:

1) JSON LD as a serialization?

2) mailto: URIs to be included in the definition?




>
> The terminology has changed from "assertion" -> "credential", and from
> "endorsement" -> "claim. So, identities may contain one or more
> credentials. Credentials may contain one or more claims about a
> particular identity.
>
> As an example, an identity "https://example.com/i/jane" contains a
> digitally signed credential supplied by the US Government claiming that
> the name "Jane Doe" and the government-issued ID "123-45-6789" is
> associated with the identity:
>
> {
>   "@context": "https://w3id.org/identity/v1",
>   "id": "https://example.com/i/jane",
>   "type": "Identity",
>   "name": "Jane Doe",
>   "governmentId": "123-45-6789",
>   "credential": [{
>     "id": "http://ssa.us.gov/credentials/3732",
>     "type": "PassportCredential",
>     "claim": {
>       "id": "https://example.com/i/jane",
>       "name": "Jane Doe",
>       "governmentId": "123-45-6789"
>     },
>     "expires": "2018-01-01",
>     "signature": {
>        "type": "GraphSignature2012",
>        "signer": "https://ssa.us.gov/keys/27",
>        "signature": "3780eyfh3q0fhhfi...8ahsidfhf29rhaish"
>     }
>   }, ... ]
> }
>
> This new formulation hints at the real purpose of the specification. It
> isn't about identity as much as it is about asserting an identity's
> credentials. In that vein, the specification should probably be renamed
> from "Web Identity" to "Web Credentials".
>
> Thoughts?
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: The Worlds First Web Payments Workshop
> http://www.w3.org/2013/10/payments/
>
>

Received on Wednesday, 5 March 2014 13:32:43 UTC