- From: Peter Williams <home_pw@msn.com>
- Date: Fri, 20 May 2011 13:35:04 -0700
- To: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
- Message-ID: <SNT143-w46AEF5D7ECE1D0478C889E92710@phx.gbl>
I didnt understand any of this thread. I thought the whole point was that anyone could make a foaf group, reference n URIs==webids, and thats it. I thougt a fancier point was that the group elements might be a URI, that either is or is the sameAs as a[distinct] webid. Thus, one can ask for the members of a foaf group X who have webids, discarding the rest. how, or why, or what the foaf group bind to, in acl terms, is a different issue. Alll the thread poster was trying to do was specify a group. The poster was not attempting to bind the group id to a set of acl entries. one can then apply authentication policy, at the website guard. User does SSL client authn, and guard requires webid to be on list (above), before authz is even attempted. THis is the same as the directory world then, in which one MUST prove one has done strong authentication AND some issuer vouches for the keys' authenticity (in the underlying foaf cards). The maintainer of that group is that very issuer. We have to disinguish between the authn guard (enforcing strong authn policy), and the authz decision/enforcement points (based on some authz logic, of which there are hundreds...) > Date: Fri, 20 May 2011 11:08:52 -0400 > From: kidehen@openlinksw.com > To: public-xg-webid@w3.org > Subject: Re: WebID XG - semantic group profile. > > On 5/20/11 10:14 AM, Henry Story wrote: > > On 20 May 2011, at 15:59, Kingsley Idehen wrote: > > > >>> be needed would be a form where people who logged in with their e-mail could also login with their webid to prove the equivalence. > >>> > >>> I am not sure if this is within what is feasible within the W3C rules. So I am CC Coralie here. > >> To do this right, just make a 3 col google spreadsheet and then share with the public. Use "<" and">" to handle reference values. That's it. > > Well I am not sure I can publish the e-mails or sha1 sum of members of this group anywhere let alone google. So the issue is to deal with that first. > > I meant: > > Name and WebID. > > Also remember, mailto: URIs shouldn't be secrets in an S/MIME + WebID > world. You can actually verify signed emails using the aforementioned > hybrid protocol. > > > Also mailing list membership changes, so it would be good to have the :webIDXG group be representative of people who are subscribed here at a time. To do this it seems to me a perl cgi that transforms the information from the list members can be quickly put together. The W3C has web servers, so there is no need to ask Google to host this I think. (Anyway I think Andrei Sambra was happy to host it). > > I just mean use a Google Spreadsheet as a Triple editor since you can > "Save As" to a location e.g. one that's mounted by WebDAV with > redirection into a Data Space (like a DBMS). > > > Having it machine readable in an RDF format is something that would help us make some nice link to the linked data community and test out some services. > > Well, as I've indicated a long time ago, using ACL protected data spaces > is what we should be doing e.g. an ACL protected AddressBook that WebID > compliant. > > > And publishing proven WebIds would also be a good way of showing how one can do distributed > > assurance. The file would make the assurance that the members are part of this group. > > > > Finally the file is minimal. It is up to remote WebID users to decide how much different services can learn about them. > > See comments above. > > It's not about files its about Linked Data :-) > > Kingsley > > Henry > > > > > > Social Web Architect > > http://bblfish.net/ > > > > > > > > > -- > > Regards, > > Kingsley Idehen > President& CEO > OpenLink Software > Web: http://www.openlinksw.com > Weblog: http://www.openlinksw.com/blog/~kidehen > Twitter/Identi.ca: kidehen > > > > > >
Received on Friday, 20 May 2011 20:35:32 UTC