- From: Thomas Fritz <fritztho@gmail.com>
- Date: Wed, 31 Aug 2011 15:54:23 +0200
- To: Henry Story <henry.story@bblfish.net>
- Cc: WebID List <public-xg-webid@w3.org>
Hi 2011/8/31 Henry Story <henry.story@bblfish.net>: > > On 31 Aug 2011, at 13:08, Thomas Fritz wrote: > >> Hi >> >> How can users protect their foaf profile so it is not publicly >> available to everyone. >> How can this be implemented so, i as the profile owner, can select >> which data i want to give to the authentication site. >> >> In all diagrams there is the assumption that the foaf profile can >> publicly accessed. > > In the diagram the WebId Profile is publicly accessible. It can point to another resource that is access controlled, and returns different representations given the WebID of the user accessing it. Think Facebook but with WebID. When you say access controlled. What kind of access control do you think of? It has to be on the foaf profiles server in my opinion because otherwise one could just ignore it and retrieve the whole foaf profile. So, i think it is a must that this process of data approval for the requesting site has to be delegated to the foaf profiles server. Similar to OpenID. > > The http://www.w3.org/wiki/WebAccessControl ontology could be used to make the access control restrictions machine readable, but that is not needed to get going. > > The http://www.w3.org/community/rww/ may be the w3c community to discuss that in more detail. > > Henry > >> > Social Web Architect > http://bblfish.net/ > > > Regards --- Thomas FRITZ web http://fritzthomas.com twitter http://twitter.com/thomasf
Received on Wednesday, 31 August 2011 13:55:11 UTC