Re: twitter and facebook as graph hosts from Kingsley Idehen on 2011-12-22 (public-xg-webid@w3.org from December 2011)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 22 Dec 2011 13:35:18 -0500
To: public-xg-webid@w3.org
Message-ID: <4EF37866.4040303@openlinksw.com>

On 12/22/11 1:09 PM, Peter Williams wrote:
> whats your model for using twitter, facebooks, and proxy URIs etc?
>
> Ive understood that when getting a cert from your site, it builds a 
> profile (distinct from the original foaf card that I continue to 
> maintain). Lets call it a master-card :-).
>
> And, I understand that said master card can be hosted on an ODS 
> endpoint, known as a proxy. Even though my webid is within 
> http://twitter.com, I get another webid called 
> http://ods/x/y/z/http/titter/com.... or similar, where the latter is a 
> particular structured name. Called a proxy URI, it points to the 
> master-card, which wraps the original card. A sparql call on the proxy 
> can make queries againt properties in the master cards and its subcards.
>
> now, where is the master-card stored?

There are two types of proxy: one abstracts consumers from the 
underlying APIs for the likes of Twitter, Facebook etc. The other 
doesn't. Thus, our CertGen has the former as default.

Irrespective of proxy/wrapper URI type, you end up progressively 
populating a profile graph in id.myopenlink.net since this is the 
instance hosting the cert. generator. Thus, if you installed the 
generator somewhere else, you get the very same benefits with changes 
only applying to the "authority" part of the proxy URIs.

>
> Is it stored in twitter read/write store (since I granted a OAUTH 
> write session to my twitter data space)? Is the twitter page 
> referenced by my tiwtter webid supposed to show the RSA key?

It isn't stored in Twitter. What it does though is use a cache 
invalidation (HTTP or a custom override) scheme to track Twittter since 
the host  maintains provenance metadata for all ingested resources. You 
see the same functionality in action when you use any of our SPARQL 
endpoints. Basically, we have pragmas that trigger GETs for resources 
subject to cache invalidation scheme, as part of the SPARQL processing 
pipeline.

>
> for the facebook case, is it stored in a facebook graph store?

No, like Twitter, the data is progressively written to a graph on 
id.myopenlink.net or any other instance hosting the cert. generator.

> Is that graph, when search my machines using the facebook API, 
> supposed to bne able to see the RSA key?
The graph holds the public key and certificate fingerprint data and its 
all associated with the proxyURI that serves as your WebID.

>
> In all cases, when I use my webid/cert at FCNS, and Ive stored both 
> the twitter URI AND the proxy URI in the cert's SAN fields, it will 
> try both stores. Is this the way to think?

Yes.

> Is this how I SHOULD use multipl SANs (to point to different places 
> here the key might be found, in some kind of inheritance/containtment 
> relationship)?

Yes.

We are fixing our verifier re. handling of multiple URIs in SAN.

>

-- 

Regards,

Kingsley Idehen	
Founder&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thursday, 22 December 2011 18:35:48 UTC