- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Fri, 20 May 2011 16:46:40 -0400
- To: public-xg-webid@w3.org
- Message-ID: <4DD6D330.5070605@openlinksw.com>
On 5/20/11 4:35 PM, Peter Williams wrote: > I didnt understand any of this thread. > > I thought the whole point was that anyone could make a foaf group, > reference n URIs==webids, and thats it. Yep! And that's actually it. Hence my: Linked Data comment :-) > > I thougt a fancier point was that the group elements might be a URI, > that either is or is the sameAs as a[distinct] webid. Thus, one can > ask for the members of a foaf group X who have webids, discarding the > rest. > > how, or why, or what the foaf group bind to, in acl terms, is a > different issue. Correct. I have old WebID based ACLs demos [1] where a number of WebIDs are associated with a foaf:Group to which ACLs apply. Simple example: 1. I make a Calendar Data Space 2. I set ACLs scoped to the entire Calendar Data Space or a specific item 3. ACLs can be scoped to Group WebIDs or Individual WebIDs. > > Alll the thread poster was trying to do was specify a group. The > poster was not attempting to bind the group id to a set of acl entries. Yes. > > one can then apply authentication policy, at the website guard. User > does SSL client authn, and guard requires webid to be on list (above), > before authz is even attempted. THis is the same as the directory > world then, in which one MUST prove one has done strong authentication > AND some issuer vouches for the keys' authenticity (in the underlying > foaf cards). The maintainer of that group is that very issuer. > > We have to disinguish between the authn guard (enforcing strong authn > policy), and the authz decision/enforcement points (based on some > authz logic, of which there are hundreds...) Links: 1. http://lists.foaf-project.org/pipermail/foaf-protocols/2010-September/003706.html -- thread about the ACL demo which showcases WebID grouping via foaf:Group Kingsley > > > > > Date: Fri, 20 May 2011 11:08:52 -0400 > > From: kidehen@openlinksw.com > > To: public-xg-webid@w3.org > > Subject: Re: WebID XG - semantic group profile. > > > > On 5/20/11 10:14 AM, Henry Story wrote: > > > On 20 May 2011, at 15:59, Kingsley Idehen wrote: > > > > > >>> be needed would be a form where people who logged in with their > e-mail could also login with their webid to prove the equivalence. > > >>> > > >>> I am not sure if this is within what is feasible within the W3C > rules. So I am CC Coralie here. > > >> To do this right, just make a 3 col google spreadsheet and then > share with the public. Use "<" and">" to handle reference values. > That's it. > > > Well I am not sure I can publish the e-mails or sha1 sum of > members of this group anywhere let alone google. So the issue is to > deal with that first. > > > > I meant: > > > > Name and WebID. > > > > Also remember, mailto: URIs shouldn't be secrets in an S/MIME + WebID > > world. You can actually verify signed emails using the aforementioned > > hybrid protocol. > > > > > Also mailing list membership changes, so it would be good to have > the :webIDXG group be representative of people who are subscribed here > at a time. To do this it seems to me a perl cgi that transforms the > information from the list members can be quickly put together. The W3C > has web servers, so there is no need to ask Google to host this I > think. (Anyway I think Andrei Sambra was happy to host it). > > > > I just mean use a Google Spreadsheet as a Triple editor since you can > > "Save As" to a location e.g. one that's mounted by WebDAV with > > redirection into a Data Space (like a DBMS). > > > > > Having it machine readable in an RDF format is something that > would help us make some nice link to the linked data community and > test out some services. > > > > Well, as I've indicated a long time ago, using ACL protected data > spaces > > is what we should be doing e.g. an ACL protected AddressBook that WebID > > compliant. > > > > > And publishing proven WebIds would also be a good way of showing > how one can do distributed > > > assurance. The file would make the assurance that the members are > part of this group. > > > > > > Finally the file is minimal. It is up to remote WebID users to > decide how much different services can learn about them. > > > > See comments above. > > > > It's not about files its about Linked Data :-) > > > > Kingsley > > > Henry > > > > > > > > > Social Web Architect > > > http://bblfish.net/ > > > > > > > > > > > > > > > -- > > > > Regards, > > > > Kingsley Idehen > > President& CEO > > OpenLink Software > > Web: http://www.openlinksw.com > > Weblog: http://www.openlinksw.com/blog/~kidehen > > Twitter/Identi.ca: kidehen > > > > > > > > > > > > -- Regards, Kingsley Idehen President& CEO OpenLink Software Web: http://www.openlinksw.com Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca: kidehen
Received on Friday, 20 May 2011 20:47:03 UTC