W3C home > Mailing lists > Public > public-xg-socialweb@w3.org > July 2009

Re: FYI: Blog post about Web of Identities

From: Kaliya <kaliya@mac.com>
Date: Mon, 13 Jul 2009 10:31:28 -0700
Message-id: <EF957FA3-8A61-438E-9458-8163300B3B03@mac.com>
To: public-xg-socialweb@w3.org

On Jul 13, 2009, at 3:36 AM, Melvin Carvalho wrote:

> Enjoyed reading the post.  In answer to your questions:
>
> Do you share my vision of the trend illustrated?
>
> Yes, I agree that the "Web of Identities" is starting to get underway,
> and will probably form the fabric of the next iteration of the
> (social) web.  As you mention, there's lots of work being done in this
> area.  Personally I find FOAF and the technologies built on FOAF to be
> the most promising.  FOAF was largely behind the original proposal for
> OpenID by Brad Fitzpatrick [1], and more recently behind FOAF+SSL [2],
> but I think that's just the tip of the iceberg, and over the next
> years we'll (hopefully) see much more innovation in this area,
> particularly as W3C has recently grown its stack to include SPARQL and
> RDFa which will be invaluable in dealing with linked (social) data.  A
> simple example of browsing FOAF profiles can be seen here:
>
> http://foaf-visualizer.org/?uri=http://www.w3.org/People/Berners-Lee/card
>
> I'd like to see more possibilities of seamlessly jumping from server
> to (eg facebook to myspace) without needing registration or
> synchronisation.


I am really glad you guys (W3C) are paying attention to this space.

You did not mention the (Google) Social Graph API that is trying to  
create a navigable web of public "friend" data - this is being driven  
by Brad Fitzpatrick

The work that Drummond and company did around XRI/XDI was all about  
how to create a web of data WITH accesses control (privacy) built in.
This paper is actually the first use of the word "social web"
http://journal.planetwork.net/article.php?lab=reed0704




> However, given that FOAF is just linked data, you
> can very easily move into the LOD world or start using rule based
> inferences.  The neat thing about this framework, is that you can go
> away and write your own vocabulary to deal with any pain points that
> arise, and if other people like it, they will start using also, giving
> you a kind of democracy of ideas, without necessarily having to go
> through a formal specification process.
>
> How could the named privacy issues be addressed?
>
> We're in early days on the privacy front.  I think facebook (though
> often maligned) have found a solution that seems to have gained
> acceptability.  That is, by default only allow friends to see your
> activitiy stream.  In the linked profile world, you need to build
> privacy on top of identity.  Identity can be authenticated by any of
> the standard patterns (SSL/OpenID/username,password) and will yield a
> machine readable profile, as some refer to it, a "Web ID" [3].  The
> advantage of SSL is that you can authenticate using your browser,


The think I am confused about when you propose this is that your  
browser becomes a "beacon" giving away your identifier to who ever  
asks.  Maybe I am not understanding  how this works but when Kingsley  
explained it to me at the Sem Web conference this is what I "got"

The identity community has gone to great lengths to articulate a  
vision for identifiers on the web that support citizens / people not  
giving away their identitifiers without their knowledge.

See Kim Cameron's Laws of Identity that are widely accepted with the  
community as sound basis' for these systems. http://www.identityblog.com/stories/2004/12/09/thelaws.html




> rather than redirecting to an IdP.  It doesnt really matter how you do
> it, so long as you can authenticate and get a machine readable profile
> at the end of the process.  Once you have a standardised machine
> readable profile pulling out a friends list is not too difficult (for
> example, SPARQL for foaf:knows) and use WebAccessControl [4] to
> provide privacy options.  Similarly, portability of your friends list
> becomes reasonably easy once you've built in the auth, as FOAF is by
> definition a portable format.
>
> There's a few solutions in this space, but I would suggest that all
> are at early stages.  We've come a long way since MS Passport was the
> dominant identity technology, and we probably still have a long way to
> go, but the direction seems pretty positive, particularly from the
> point of view of the end user.


> The answers above are probably quite
> "W3C-Centric", and I acknowledge that there are several more
> technologies out there, and that interoperability will be important,
> however your post was leaning in the direction of LOD, so I've tried
> to present LOD in a wider perspective.
>
> I'm pretty positive on the work being done in this area, starting with
> LOD, but also moving to Good Relations which is quietly becoming the
> "FOAF or e-commerce" and also SPARUL/WebDAV which combined with other
> techonolgies will hopefully take us right to the frontiers of a
> "ReadWrite" web!
>
> [1] http://community.livejournal.com/lj_dev/683939.html
> [2] http://esw.w3.org/topic/foaf+ssl
> [3] http://esw.w3.org/topic/WebID
> [4] http://esw.w3.org/topic/WebAccessControl
>
> On Sun, Jul 12, 2009 at 10:53 PM, Alex Korth<alex@ttbc.de> wrote:
>> Hello everybody,
>>
>> yesterday I posted a new article [1] on ReadWriteWeb and would love  
>> to
>> discuss it with you. Do you share my vision of the trend  
>> illustrated? How
>> could the named privacy issues be addressed? Thanks for your  
>> comment, Henry!
>>
>> Cheers,
>> Alex
>>
>> [1]
>> http://www.readwriteweb.com/archives/web_of_identities_making_machine-accessible_people_data.php
>>
>> --
>> Alexander Korth
>> alex@ttbc.de
>> www.twitter.com/alexkorth
>>
>>
>>
>
Received on Monday, 13 July 2009 17:32:13 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:08 UTC