- From: Dan Brickley <danbri@danbri.org>
- Date: Mon, 6 Jun 2011 13:07:05 +0200
- To: elf Pavlik <perpetual-tripper@wwelves.org>
- Cc: public-xg-webid <public-xg-webid@w3.org>
On 6 June 2011 12:49, elf Pavlik <perpetual-tripper@wwelves.org> wrote: > Hello, > > Great meeting some of you in Berlin! +1 > Sometimes I find a bit confusing in WebID, mixing identity/profile and using client certificate for authentication. How do you see making stronger distinction between those two? What if someone wants to have an URI and foaf profile but for authentication would like to use other mechanizm than client certificate, OpenID for example... > > Dees plain FOAF has exactly the same potential in terms of identity and social graph? > Does WebID adds anything else to FOAF than authentication with client certificate? > I appreciate any comments and links which can help me with clarifying it! I think sometimes in our enthusiasm for various technologies, we bundle various things together. Some of the enthusiasm people in the webid/foaf+ssl have for "what WebID enables" reminds me of some of the early over-enthusiasm people had for what "FOAF" might make possible. And we see similar enthusiasm from others around OpenID/OAuth, or XFN/hCard and other Microformats, etc. In practice, each specific technology contributes a tool to a larger toolkit that enriches the Web. As far as FOAF is concerned, the basic idea is just that we treat Web pages as making claims about the world (including about people), and that we exploit whatever tools are available to encode/interpret those claims, and to keep track of who made them. So in the FOAF project we have the FOAF *vocabulary* as a kind of "starter dictionary" for expressing some of these claims. And there are various syntactic options for writing those claims (RDF/XML, RDFa, Microdata etc.) as well as many other vocabularies you might use alongside FOAF, or instead of FOAF. So FOAF includes as a utility the foaf:openid property, and certainly some data we'll end up associating with its source because they logged in with OpenID. Other times we might know who-said-what from using PGP or WebID or OAuth or XMPP or RelMeAuth or something else. The key thing is that we can stand back from the technical detail and ask quite human questions "Who said this? Who made this claim, and what evidence do we have that they said it?". If we stand back from the protocols for a little while, I think there is a pretty pluralistic story that can be told about how everything fits together... cheers, Dan
Received on Monday, 6 June 2011 11:07:32 UTC