Fediz IDP proposed for incubation at Apache from 远洋 on 2011-11-29 (public-xg-webid@w3.org from November 2011)

From: 远洋 <corani@gmail.com>
Date: Tue, 29 Nov 2011 10:18:52 +0800
To: WebID XG <public-xg-webid@w3.org>, FOAF Protocols <foaf-protocols@lists.foaf-project.org>, jbonofre@apache.org
Message-ID: <CADPdpKYi7JqM6+KJUCJf_LacD8fuJzOXn_44mDmLpwf3TqwWLw@mail.gmail.com>

While browsing the Apache incubator mailing list, I came across a
proposal for incubation of Fediz [1]. The proposal to the mailing list
can be found here [2]. I've added Jean-Baptiste Onofré, who made the
proposal to the incubator list, to the discussion. For their
convenience, I've added a link [3] and a short description [4] of the
WebID protocol to the bottom of this email.

>From their website:

"The idea of WS-Federation for Web SSO is to externalize the
authentication process to a centralized authentication server (called
Identity Provider (IDP)) which can support any kind of authentication
mechanism. The IDP issues a security token like SAML which contains
the authenticated entity as well as role information and/or other
claim data of a user like name, email, others which is sent to the
application (called Relying Party (RP))."

It sounds like it would be a good match for them to incorporate WebID
as (one of) the authentication mechanisms. They are currently looking
for more mentors to start incubation. If there are Apache members on
this list who want to help this project move along, I'd encourage them
to check out the proposal.

I will continue to track this project and check out their source code
once it is published for opportunities to incorporate WebID. If the
project is accepted for incubation, and mailing lists are created, I
will also pitch WebID there.

[1] http://wiki.apache.org/incubator/FedizProposal
[2] http://mail-archives.apache.org/mod_mbox/incubator-general/201111.mbox/%3C4EAFBA3A.9020802@nanthrax.net%3E
[3] http://www.w3.org/wiki/WebID
[4] "WebID is an authentication protocol that uses the SSL/TLS layer
for user identification by tying the client to a profile document on
the web through placing a URI in the Subject Alternative Name field in
an X509 certificate. This is the first step to a fully standard-based
browser authentication experience. Of course it is not limited to
browser based authentication: peer to peer server authentication will
work just as well."

--
远洋 / Daniël Bos

Received on Tuesday, 29 November 2011 02:19:47 UTC