[foaf-dev] Re: [OpenID] foaf and openid

Lukas Rosenstock lukas.rosenstock at identity20.eu
Fri Jul 20 18:57:39 BST 2007

Am 20.07.2007, 16:59 Uhr, schrieb Boris Erdmann  
<boris.erdmann at googlemail.com>:

> Well,
> if we made
>   http://mydoma.in/myfoaf.rdf
> an OpenID2.0 consumer it could be accessed via
>   http://mydoma.in/myfoaf.rdf?openid_identifier=your.open.id
> and it would know how much foaf-data to reveal towards the requesting
> identity. Not much protocol needed here to start with. (Thinking
> further, this might be one of the first widely adopted use cases for
> immediate Auth requests)

It is not that simple, because that would work only inside the browser and  
usually it is a 3rd party site or webservice that accesses the resource.  
But I agree that this is a very good use case for enabling authenticated  
webservice requests. Martin Atkins was working on a spec for that and so  
was I, unfortunately I had to time to finish my work - I promise I will.

> One would need to think about discovery (but see the sun article you
> quoted, as this is the "officially" proposed method
> http://www.foaf-project.org/2004/11/join.html). In an ideal world my
> FOAF URL could be my OpenID, because every browser understands XSLT
> and could render the foaf data into XHTML (but this would break simple
> HTML discovery for OpenID). Or it could be done using Yadis.

Possible, yes, but I would say that the conversion of FOAF to XHTML is  
something that should not be done client-wise but on the server-side. This  
avoids incompatibilities with browsers.
However, XRDS-based discovery of OpenID (aka Yadis) should be the  
method-of-choice anyway.


More information about the foaf-dev mailing list