Re: WebID XG - semantic group profile.

On 20-May-11 22:35, Peter Williams wrote:
> I didnt understand any of this thread.
I'll try to make it as simpler as possible. The idea is to create a 
group profile which would eventually become _the_ reference resource and 
which will be hosted by W3C. Since that is out of the question for now, 
I will host it on my private server.
>
> I thought the whole point was that anyone could make a foaf group, 
> reference n URIs==webids, and thats it.
>
> I thougt a fancier point was that the group elements might be a URI, 
> that either is or is the sameAs as a[distinct] webid. Thus, one can 
> ask for the members of a foaf group X who have webids, discarding the 
> rest.
>
> how, or why, or what the foaf group bind to, in acl terms, is a 
> different issue.
>
> Alll the thread poster was trying to do was specify a group. The 
> poster was not attempting to bind the group id to a set of acl entries.
Indeed, I should have made it clearer from the start.

> one can then apply authentication policy, at the website guard. User 
> does SSL client authn, and guard requires webid to be on list (above), 
> before authz is even attempted. THis is the same as the directory 
> world then, in which one MUST prove one has done strong authentication 
> AND some issuer vouches for the keys' authenticity (in the underlying 
> foaf cards). The maintainer of that group is that very issuer.
>
> We have to disinguish between the authn guard (enforcing strong authn 
> policy), and the authz decision/enforcement points (based on some 
> authz logic, of which there are hundreds...)
>
It's up to each of us to define how we want to implement ACL based on 
the group resource. The point here is that there will be only one group 
profile whichshould be used for authz.

>
> > Date: Fri, 20 May 2011 11:08:52 -0400
> > From: kidehen@openlinksw.com
> > To: public-xg-webid@w3.org
> > Subject: Re: WebID XG - semantic group profile.
> >
> > On 5/20/11 10:14 AM, Henry Story wrote:
> > > On 20 May 2011, at 15:59, Kingsley Idehen wrote:
> > >
> > >>> be needed would be a form where people who logged in with their 
> e-mail could also login with their webid to prove the equivalence.
> > >>>
> > >>> I am not sure if this is within what is feasible within the W3C 
> rules. So I am CC Coralie here.
> > >> To do this right, just make a 3 col google spreadsheet and then 
> share with the public. Use "<" and">" to handle reference values. 
> That's it.
> > > Well I am not sure I can publish the e-mails or sha1 sum of 
> members of this group anywhere let alone google. So the issue is to 
> deal with that first.
> >
> > I meant:
> >
> > Name and WebID.
> >
> > Also remember, mailto: URIs shouldn't be secrets in an S/MIME + WebID
> > world. You can actually verify signed emails using the aforementioned
> > hybrid protocol.
> >
> > > Also mailing list membership changes, so it would be good to have 
> the :webIDXG group be representative of people who are subscribed here 
> at a time. To do this it seems to me a perl cgi that transforms the 
> information from the list members can be quickly put together. The W3C 
> has web servers, so there is no need to ask Google to host this I 
> think. (Anyway I think Andrei Sambra was happy to host it).
> >
> > I just mean use a Google Spreadsheet as a Triple editor since you can
> > "Save As" to a location e.g. one that's mounted by WebDAV with
> > redirection into a Data Space (like a DBMS).
> >
> > > Having it machine readable in an RDF format is something that 
> would help us make some nice link to the linked data community and 
> test out some services.
> >
> > Well, as I've indicated a long time ago, using ACL protected data 
> spaces
> > is what we should be doing e.g. an ACL protected AddressBook that WebID
> > compliant.
> >
> > > And publishing proven WebIds would also be a good way of showing 
> how one can do distributed
> > > assurance. The file would make the assurance that the members are 
> part of this group.
> > >
> > > Finally the file is minimal. It is up to remote WebID users to 
> decide how much different services can learn about them.
> >
> > See comments above.
> >
> > It's not about files its about Linked Data :-)
> >
> > Kingsley
> > > Henry
> > >
> > >
> > > Social Web Architect
> > > http://bblfish.net/
> > >
> > >
> > >
> >
> >
> > --
> >
> > Regards,
> >
> > Kingsley Idehen
> > President& CEO
> > OpenLink Software
> > Web: http://www.openlinksw.com
> > Weblog: http://www.openlinksw.com/blog/~kidehen
> > Twitter/Identi.ca: kidehen
> >
> >
> >
> >
> >
> >

Received on Friday, 20 May 2011 20:56:05 UTC