W3C home > Mailing lists > Public > semantic-web@w3.org > May 2013

Re: Is there a way to identify the a user in a web request?

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 24 May 2013 14:14:54 +0200
Message-ID: <CAKaEYhJ3bWx8Z+C1zsm+gfSvFQhXyQAwhrzmjfLU4D4oX=tZ9A@mail.gmail.com>
To: Henry Story <henry.story@bblfish.net>
Cc: Leon Derczynski <leon@dcs.shef.ac.uk>, Semantic Web <semantic-web@w3.org>
On 24 May 2013 13:46, Henry Story <henry.story@bblfish.net> wrote:

>
> On 24 May 2013, at 12:51, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
>
>
>
>
> On 24 May 2013 12:42, Henry Story <henry.story@bblfish.net> wrote:
>
>>
>> On 24 May 2013, at 12:36, Melvin Carvalho <melvincarvalho@gmail.com>
>> wrote:
>>
>> On 24 May 2013 12:27, Henry Story <henry.story@bblfish.net> wrote:
>>
>>>
>>> On 24 May 2013, at 12:14, Leon Derczynski <leon@dcs.shef.ac.uk> wrote:
>>>
>>> It's been traditional for crawlers to specify an email or web URI in the
>>> "From:" header of any HTTP requests they make; this could readily be used
>>> for an identifying link.
>>>
>>> All the best,
>>>
>>>
>>> You could also use a Link header to put that information.
>>> But you don't really want to be sending this around automatically, and
>>> without the user
>>> getting to decide if he wishes to authenticate. with https the server
>>> can ask
>>> the client for identifying info, and the client can decide to give it or
>>> not.
>>> See http://webid.info/spec
>>>
>>
>> Identification and authentication are different problems.
>>
>> Consider the postal service.  You traditionally identify by writing your
>> name on an envelope.  Historically people have used things like 'royal
>> seals', or 'registered post' for some extra layer of auth on top.
>>
>>
>> You do that in the postal system, so that if your mail cannot reach its
>> destination it is easy to send a
>> response back. With HTTP it is easy to send a response back because your
>> TCP connection will
>> fail if you cannot connect.
>>
>> A preferred authentication system should not be an impediment to the
>> ability to identify in a simple intuitive way, imho
>>
>>
>> Well you can do that by using the Link Headers perhaps.
>> http://tools.ietf.org/html/rfc5988
>> You can add any metadata using that, including authoriship of the content
>> using WebID for
>> example. I am speaking of the plain vanilla WebID as defined here
>>   https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html
>>
>
> So my question is whether there is an existing link header.  There appears
> not to be anything concrete.  Maybe something in oauth or webdav I thought
> perhaps.
>
> Reuse of "From" is possible, but at least some of those that control the
> registry may have some push back on this
>
> Another existing link header could be used, similar to how baidu and
> google are doing it today (tho it's not elegant)
>
> A new link header could be made e.g. an http, or one in the registry
>
>
> The Link header allows you to express anything you can express in RDF in
> the header.
> So you are all set. Did you check the registry?
>

Yes, tho I was requesting further feedback.

Tentatively so far, ive seen strong support and some strong opposition for
reusing the "From" header.  The text from the RFC is "...the request is
being performed on behalf of the person given, who accepts responsibility
for the method performed", which is very close to what is wanted.

The exercise is to come to a consensus as to more whether it's appropriate
to reuse an existing term, or to create a new one.


>
>
>
>> The question is finding use cases for it.
>>
>>
>>
>>
>>>
>>>
>>>
>>> Leon
>>>
>>>
>>> On 24 May 2013 11:53, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>>>
>>>> In most communication protocols it's possible to specify a sender
>>>>
>>>> For example, when I send a letter I can write my address on the back
>>>>
>>>> When I make a phone call, it's possible to have "caller display" to see
>>>> who's calling
>>>>
>>>> When sending an email I can see who the email is from
>>>>
>>>> But on the web, it's not obvious how to do this
>>>>
>>>> Does anyone have a solution to this, or why it may be a bad idea?
>>>>
>>>
>>>
>>>
>>> --
>>> Leon R A Derczynski
>>> Research Associate, NLP Group
>>>
>>> Department of Computer Science
>>> University of Sheffield
>>> Regent Court, 211 Portobello
>>> Sheffield S1 4DP, UK
>>>
>>> +45 5157 4948
>>> http://www.dcs.shef.ac.uk/~leon/
>>>
>>>
>>>     Social Web Architect
>>> http://bblfish.net/
>>>
>>>
>>
>>    Social Web Architect
>> http://bblfish.net/
>>
>>
>
> Social Web Architect
> http://bblfish.net/
>
>
Received on Friday, 24 May 2013 12:15:27 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 08:45:33 UTC