[foaf-dev] web of trust, openid and foaf

Story Henry henry.story at bblfish.net
Tue Sep 18 12:18:12 BST 2007


On 18 Sep 2007, at 06:38, Peter Williams wrote:

> At http://yorkporc.spaces.live.com/blog/cns!5061D4609325B60!212.entry
> I think I address most of your points, along with a wholesale
> reorganization of the material.

Well as a result your post got a good link from here:
http://blogs.talis.com/nodalities/2007/09/this_weeks_semantic_web_9.php

:-)


> It now reads like a paper (even though it's supposed to be a blog
> post!).

Well it is very useful:
  - for you to help you clarify your thinking (that's how I use blog
    posts)
  - for others joining the Semantic Web with a background similar to
    yours as you are helping them trace a path
  - for me to understand where you are going to

> Thanks for the Comments.

You're welcome.

It's kind of ironic though that your blog post on openid and foaf
requires card space authentication to post comments on ;-)

Just to answer a couple of questions on your previous post here first.

> I'm going to keep my contribution here largely to one that exploits
> my security knowhow. Others familiar with the web's data modeling
> language(s) can and must always correct me on use of the many
> levels of formalism. I do note that, generally speaking, the barrier
> to entry when engineering FOAF solutions is very high - but I will
> not let that deter me. Between the very practical openid culture
> and the very formal foaf/rdf culture, there can be a winning team.
> Each lacks what the other has to offer: contrasting cultures, and
> contrasting features. I can say such things, being an outsider to
> both!

Foaf is in fact a very practical bottom up approach to constructing
an ontology. As you mention below the openid relation is first
proposed on the mailing list, if it is a good idea, and not available
elsewhere in a better way then it gets added to the spec with an
"experimental" status. If it is successfully used and deployed then
it gets the "stable" type.

The basics of RDF are very formal, but one does not have to know
every aspect of that in order to work with it. Mathematicians can
produce 1000 page books to prove that 1+1=2. Most people have gotten
along without the proof for years. Making simple things clear is very
difficult, since you need to base your work on even simpler and more
obvious things.

Finally the openid specs are themselves quite long. If you add to
that all the other specs people are putting together in the WS-*
land, XML land, and so on, where each language has to define its own
syntax and semantics, you can see how in fact RDF is a huge
simplification. I see learning RDF (not RDF/XML which I don't yet
master - worth pointing out btw in your posting to people that they
should learn N3) as a way for me to avoid having to learn all the
other standards. People like you who do have a background in those
standards are not of course made jobless because of this: your
strength is to be a bridge and a voice to help people move from those
spaces into the RDF world. Think of RDF as being to data standards
what the internet was to the previous networks - a network of
networks, the data format of data formats.

> 1. FOAF is not a standard; it's not a recommendation. It's
> specifically not those things. Rather, it's a gestalt-spec of the
> consensus that blends the intuition about notions with a custom
> language for discussing the concepts and describing actual objects
> in the real world. So, needing to stay very grounded in the use of
> time and resources, how can one tell when the foaf:openid property
> is "accepted" as even deserving "experimental" status, having moved
> beyond an email thread?

Well it's in the rdf ontology already, so it has moved beyond the
email thread.

  cwm http://xmlns.com/foaf/0.1/ | less

My guess is that it will depend on how people use it and comments
they send back for it to make it into the next stable version...

Foaf is an ontology. Everyone can create an ontology. The successful
ones will be those that get adopted. On that measure foaf is very
successful.

> The next task is to get the SPARQL library back into action, and
> get back to using Euler to compute whose public key is endorsed by
> who, in a key-signing chain of length X discovered by evaluating
> the connections in the knows relation. It will be fun to see how
> the engineering issues play out when such processes are applied to
> very large numbers of FOAF files, with many knows-relations.

It will be interesting to see what your results are.

I wonder what the minimal number of people one would have to know to
get comfortable when one finds a foaf file of someone one does not
know. My guess is that one can be very flexible. You may meet some
Joe Smith with no web of trust links. His foaf file is still useful.
If he links and is signed by someone else that you know, that can
immediately increase your trust to the level of trust you have for the
person you know. If he links to someone else you don't know who has
signed his file, then it will depend I suppose on how much time you
have to search backwards and see if you find a relation to someone
you know. Central certificate authorities of course help here to cut
the search down to one step.

Anyway, I have to work on a couple of other things. I'll get back to
working on this hopefully sometime next week.

Henry


>> -----Original Message-----
>> From: Story Henry [mailto:henry.story at bblfish.net]
>> Sent: Monday, September 17, 2007 6:28 AM
>> To: Peter Williams
>> Cc: foaf-dev at lists.foaf-project.org
>> Subject: Re: [foaf-dev] web of trust, openid and foaf
>>
>> Hi Peter, thanks for taking the time to write this up.
>>
>> I'll just add comments, on your text, most of them of stylistic
>> value. I think it is really great how you have come to learn all this
>> stuff so quickly. It is great to have someone with real experience in
>> security grok this :-)
>>
>> ----------------
>>
>> So here are points I can think of:
>>
>> - I think you need to use html coloring for your html examples
>>    (use &lt; and &gt;, place the quoted html into a <pre> </pre> tag,
>>    and you can even use font coloring tags
>>    to get the coloring effect.
>>    Otherwise you may want to work on getting much higher resolution
>>    on your images, they are quite painful to look at on higher
>>    resolution screens
>>
>> - [[
>>   "Basic" legitimacy is determined by confirming that the openid
>> Property is present in the Person class of an authentic FOAF file
>> that contains a single
>> PersonalProfileDocument.
>> ]]
>>   that should perhaps be "the openid property is present in the
>> instance of the Person class..."
>> (the openid property is present in the Person class itself - it is
>> defined as having a foaf:Person as a domain)
>>
>> - [[
>> The first graphic below shows a FOAF file with a
>> PersonalProfileDocument.
>> ]]
>>
>> should be "The first graphic below shows a FOAF file with a
>> PersonalProfileDocument element". (that would be looking at the level
>> of syntax)
>>
>> One can then move to the level of semantics, by explaining that the
>> document is describing itself, as you do.
>>
>> - [[The Person resource has an openid Property whose value is --
>> unlike the previous example -- very
>> much related to the URL from which the document may be retrieved:
>> http://homepw.livejournal.com/data/foaf.rdf
>> HTTP/1.0 200 OK
>> Content-Type: application/rdf+xml; charset=utf-8
>> ]]
>>
>> Reading that graphic it looks like the statement is:
>> [] foaf:openid <http://homepw.livejournal.com> .
>>
>> so you need to explain the jump from there to the URL of the next
>> line:
>> http://homepw.livejournal.com/data/foaf.rdf
>>
>> - [[
>> In that example (from the draft specification), note the form of a
>> complex identity element - a
>> User. This contrasts with how identity was used in another example in
>> the context of two SPARQL
>> query attempting to emulate the request and response of SAML
>> assertions:
>> ]]
>>
>> You never go on to explain how it contrasts. One is a statement, the
>> other two are examples of queries.
>>
>> - [[
>> Signaling a FOAF file in a FOAF-aware
>> consumer
>> ]]
>>
>> You fail to mention here the other way of doing this, by placing a
>> meta link in the <head> section of the html.
>> It is pretty close, but I think the second way will be the more usual
>> method.
>>
>> In Conclusion:
>>
>> It looks to me like there are some untied ends around still.  I think
>> this could be made clearer with some
>> UML sequence diagrams that show:
>>
>>   -1 the original writing of the openid
>>   -2 the getting of the openid html file
>>   -...
>>   - the getting of the foaf file (verification that it contains an
>>     openid relation on a person)
>>   - the cryptographic ties if there are any
>>
>> Well in point of fact, I imagine one could write a whole book on the
>> subject... So there is probably no way to finish this.
>>
>> Home page: http://bblfish.net/
>> Sun Blog: http://blogs.sun.com/bblfish/
>> Foaf name: http://bblfish.net/people/henry/card#me
>>
>> On 17 Sep 2007, at 11:20, Peter Williams wrote:
>>
>>> After 2+ months of learning, reading, tooling and playing, I've put
>>> my thoughts on a deeper integration of openid and foaf down on
>>> paper, http://yorkporc.spaces.live.com/blog/cns!5061D4609325B60!175.entry.
>>>
>>> I feel very much like I felt in 1993, very hopeful and very
>>> enthused. My gut feeling tells me the next round of security
>>> technology is maturing nicely.  Much of the technology in play
>>> today is, in contrast, nearly 25 years old and heavily focused on
>>> centralized control. A lot of it can be discarded, being replaced
>>> with materials that simply fit web culture "properly".
>>>
>>> _______________________________________________
>>> foaf-dev mailing list
>>> foaf-dev at lists.foaf-project.org
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2429 bytes
Desc: not available
Url : http://lists.usefulinc.com/pipermail/foaf-dev/attachments/20070918/68c9573f/smime.bin
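
The backwards search described near the end of the message (follow the signers of an unknown FOAF file until reaching someone you know, with a certificate authority cutting the search to one step), as an added example that is not part of the original thread. The graph, the names and the `SIGNED_BY` mapping are constructed, and each edge is assumed to stand for a signature that has already been verified cryptographically.

```python
from collections import deque

# Constructed sample data: person -> parties whose signature over that
# person's FOAF file has already been verified (assumption: the
# cryptographic check happens before an edge is recorded here).
SIGNED_BY = {
    "joe": set(),              # no web-of-trust links at all
    "alice": {"henry"},        # signed by someone we know
    "bob": {"carol"},          # three signatures away from henry
    "carol": {"dave"},
    "dave": {"henry"},
    "erin": {"example-ca"},    # signed directly by a CA
    "mallory": {"trent"},      # loop that never reaches a known party
    "trent": {"mallory"},
}


def trust_path(subject, trusted, signed_by, max_hops):
    """Breadth-first search backwards along 'signed by' edges.

    Returns the shortest chain [subject, ..., trusted party] that uses at
    most max_hops signatures, or None if no trusted party is reachable
    within that budget. max_hops models how long one is willing to search.
    """
    if subject in trusted:
        return [subject]
    queue = deque([[subject]])
    seen = {subject}  # stops signature loops from being walked forever
    while queue:
        path = queue.popleft()
        if len(path) - 1 >= max_hops:
            continue  # search budget spent on this branch
        for signer in sorted(signed_by.get(path[-1], ())):
            if signer in seen:
                continue
            if signer in trusted:
                return path + [signer]
            seen.add(signer)
            queue.append(path + [signer])
    return None


if __name__ == "__main__":
    known = {"henry", "example-ca"}
    for who in ("joe", "alice", "bob", "erin", "mallory"):
        print(who, trust_path(who, known, SIGNED_BY, max_hops=3))
```

A `None` result only means no chain was found within the hop budget; as the message says of Joe Smith, the file can still be useful, it just carries no inherited trust.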

