
Re: WebID XG - semantic group profile.

From: Henry Story <henry.story@bblfish.net>
Date: Fri, 20 May 2011 23:01:32 +0200
Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-Id: <C0A09B75-CE28-4C37-95A1-FBE517CCE20F@bblfish.net>
To: Peter Williams <home_pw@msn.com>

On 20 May 2011, at 22:35, Peter Williams wrote:

> I didn't understand any of this thread.

I think you don't understand this subthread of the whole thread. Otherwise you seem to have
understood the initial poster's intention well.

> I thought the whole point was that anyone could make a foaf group, reference n URIs==webids, and that's it.

Yes, anyone can. In particular, we would like a WebID for the WebID XG members group.

> I thought a fancier point was that the group elements might be a URI, that either is or is the sameAs as a [distinct] webid. Thus, one can ask for the members of a foaf group X who have webids, discarding the rest.

I am not sure I understand you here. The example I gave was this

@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix : <http://w3.org/groups/webid/#> .

:webidXG a foaf:Group;
   foaf:name "The WebID Incubator Group";
   foaf:member <http://bblfish.net/people/henry/card#me>,
              [ foaf:mbox_sha1sum "60f034ceab5b8b6fe8085a9e9f72ae23d2e809e8" ] .

In full notation it might be written out like this

<http://w3.org/groups/webid/#webidXG> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://xmlns.com/foaf/0.1/Group> .

or in short

<http://w3.org/groups/webid/#webidXG> a foaf:Group .

so that says that we have a foaf group named <http://w3.org/groups/webid/#webidXG>

Then we have the statement

<http://w3.org/groups/webid/#webidXG> <http://xmlns.com/foaf/0.1/member> <http://bblfish.net/people/henry/card#me> .

which says that I am a member of the group.

And the following two statements

<http://w3.org/groups/webid/#webidXG> <http://xmlns.com/foaf/0.1/member> _:r .
_:r <http://xmlns.com/foaf/0.1/mbox_sha1sum> "60f034ceab5b8b6fe8085a9e9f72ae23d2e809e8" .

Which says that there is a member, who has an e-mail address whose sha1sum is "60f034ceab5b8b6fe8085a9e9f72ae23d2e809e8"

That last option was just so that authz services that use e-mail authn could also use that information to authz users that were part of this group.

>  how, or why, or what the foaf group bind to, in acl terms, is a different issue.

exactly. We are just describing members of a group.

> All the thread poster was trying to do was specify a group. The poster was not attempting to bind the group id to a set of acl entries.


> one can then apply authentication policy, at the website guard. User does SSL client authn, and guard requires webid to be on list (above), before authz is even attempted. This is the same as the directory world then, in which one MUST prove one has done strong authentication AND some issuer vouches for the keys' authenticity (in the underlying foaf cards). The maintainer of that group is that very issuer.

Here the foaf group publisher has nothing to do with keys though. The publisher of the foaf group just lists members. The members are identified by WebIDs that point to remote entries that give more information about the user.

> We have to distinguish between the authn guard (enforcing strong authn policy), and the authz decision/enforcement points (based on some authz logic, of which there are hundreds...)

Yes, and we can add that we also distinguish between those two and what might be called in the old world attribute authorities. Here we have as attribute authorities:

1. the publisher of the WebID XG foaf group resource (hopefully the w3c at some point)
2. the publisher of information about each individual member (the members themselves usually,
   but it could also be the university they work for or their company)

> > Date: Fri, 20 May 2011 11:08:52 -0400
> > From: kidehen@openlinksw.com
> > To: public-xg-webid@w3.org
> > Subject: Re: WebID XG - semantic group profile.
> > 
> > On 5/20/11 10:14 AM, Henry Story wrote:
> > > On 20 May 2011, at 15:59, Kingsley Idehen wrote:
> > >
> > >>> be needed would be a form where people who logged in with their e-mail could also login with their webid to prove the equivalence.
> > >>>
> > >>> I am not sure if this is within what is feasible within the W3C rules. So I am CC Coralie here.
> > >> To do this right, just make a 3 col google spreadsheet and then share with the public. Use "<" and">" to handle reference values. That's it.
> > > Well I am not sure I can publish the e-mails or sha1 sum of members of this group anywhere let alone google. So the issue is to deal with that first.
> > 
> > I meant:
> > 
> > Name and WebID.
> > 
> > Also remember, mailto: URIs shouldn't be secrets in an S/MIME + WebID 
> > world. You can actually verify signed emails using the aforementioned 
> > hybrid protocol.
> > 
> > > Also mailing list membership changes, so it would be good to have the :webIDXG group be representative of people who are subscribed here at a time. To do this it seems to me a perl cgi that transforms the information from the list members can be quickly put together. The W3C has web servers, so there is no need to ask Google to host this I think. (Anyway I think Andrei Sambra was happy to host it).
> > 
> > I just mean use a Google Spreadsheet as a Triple editor since you can 
> > "Save As" to a location e.g. one that's mounted by WebDAV with 
> > redirection into a Data Space (like a DBMS).
> > 
> > > Having it machine readable in an RDF format is something that would help us make some nice link to the linked data community and test out some services.
> > 
> > Well, as I've indicated a long time ago, using ACL protected data spaces 
> > is what we should be doing e.g. an ACL protected AddressBook that is WebID 
> > compliant.
> > 
> > > And publishing proven WebIds would also be a good way of showing how one can do distributed
> > > assurance. The file would make the assurance that the members are part of this group.
> > >
> > > Finally the file is minimal. It is up to remote WebID users to decide how much different services can learn about them.
> > 
> > See comments above.
> > 
> > It's not about files, it's about Linked Data :-)
> > 
> > Kingsley
> > > Henry
> > >
> > >
> > > Social Web Architect
> > > http://bblfish.net/
> > >
> > >
> > >
> > 
> > 
> > -- 
> > 
> > Regards,
> > 
> > Kingsley Idehen 
> > President & CEO
> > OpenLink Software
> > Web: http://www.openlinksw.com
> > Weblog: http://www.openlinksw.com/blog/~kidehen
> > Twitter/Identi.ca: kidehen
> > 

Social Web Architect
Received on Friday, 20 May 2011 21:02:05 UTC
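
The membership check described in the message above, as an added example that is not part of the original e-mail: a guard reads the group's foaf:member statements and accepts either an authenticated WebID or an already-verified e-mail address whose mailto: URI hashes to a listed foaf:mbox_sha1sum. The function names, the minimal N-Triples parser and the example.org addresses are assumptions made for illustration.

```python
import hashlib
import re

FOAF = "http://xmlns.com/foaf/0.1/"
GROUP = "http://w3.org/groups/webid/#webidXG"
# Minimal N-Triples line matcher: subject, predicate, object, final dot.
TRIPLE = re.compile(r'^\s*(<[^>]*>|_:\w+)\s+<([^>]*)>\s+(<[^>]*>|_:\w+|"[^"]*")\s*\.\s*$')

def mbox_sha1sum(email):
    """foaf:mbox_sha1sum is the SHA-1 hex digest of the full mailto: URI."""
    # No case folding: the digest covers the address exactly as published.
    return hashlib.sha1(("mailto:" + email.strip()).encode("utf-8")).hexdigest()

def parse_group(ntriples, group):
    """Return (member WebIDs, mbox_sha1sum values attached to member nodes)."""
    members, sums = set(), {}
    for line in ntriples.splitlines():
        m = TRIPLE.match(line)
        if not m:
            continue
        s, p, o = m.groups()
        if s == f"<{group}>" and p == FOAF + "member":
            members.add(o)
        elif p == FOAF + "mbox_sha1sum" and o.startswith('"'):
            sums.setdefault(s, set()).add(o.strip('"').lower())
    webids = {o[1:-1] for o in members if o.startswith("<")}
    # A hash only counts if its node is listed as a member of this group.
    hashes = set().union(*(sums.get(o, set()) for o in members))
    return webids, hashes

def is_member(ntriples, group, webid=None, verified_email=None):
    """webid / verified_email must already be authenticated by the caller."""
    webids, hashes = parse_group(ntriples, group)
    if webid is not None and webid in webids:
        return True
    return verified_email is not None and mbox_sha1sum(verified_email) in hashes

# Constructed sample: the first three statements are from the message; _:c and
# _:x are invented. _:x carries a hash but is NOT a member of the group.
SAMPLE = f"""\
<{GROUP}> <{FOAF}member> <http://bblfish.net/people/henry/card#me> .
<{GROUP}> <{FOAF}member> _:r .
_:r <{FOAF}mbox_sha1sum> "60f034ceab5b8b6fe8085a9e9f72ae23d2e809e8" .
<{GROUP}> <{FOAF}member> _:c .
_:c <{FOAF}mbox_sha1sum> "{mbox_sha1sum('alice@example.org')}" .
_:x <{FOAF}mbox_sha1sum> "{mbox_sha1sum('mallory@example.org')}" .
"""

if __name__ == "__main__":
    print(is_member(SAMPLE, GROUP, webid="http://bblfish.net/people/henry/card#me"))
    print(is_member(SAMPLE, GROUP, verified_email="mallory@example.org"))
```

The group document only asserts membership; it says nothing about keys, so the WebID or e-mail passed in must come from a completed authentication step.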
