[foaf-dev] "dockable" proposal: one StatusNet/laconica instance should support per-user DNS aliases

Melvin Carvalho melvincarvalho at gmail.com
Tue Sep 8 09:50:43 CEST 2009


On Sun, Aug 30, 2009 at 7:10 PM, Kingsley Idehen<kidehen at openlinksw.com> wrote:
> Dan Brickley wrote:
>> On Sun, Aug 30, 2009 at 12:45 PM, Graham Klyne<GK-lists at ninebynine.org> wrote:
>>
>>> Dan Brickley wrote:
>>>
>>>> I'm been thinking about this idea mostly in the context of FOAF and
>>>> "social networking" portability, but I think StatusNet and the open
>>>> microblogging effort is a great place to test it, and fits with Evan's
>>>> "Control Yourself" motto here. There are also business model
>>>> implications for companies thinking about hosting too; I'm interested
>>>> on feedback there, as well as technical feedback.
>>>>
>>> I do like your ideas, and the metaphor!
>>>
> Dan,
>
> I tend to use the phrase: Personal Data Spaces as my preferred moniker
> for a "point of presence on the Web" that is individually controlled.
> This point of presence would allow read and write access, albeit
> constrained by data access polices that leverage social networks and
> other data points exposed by FOAF based profiles.
>
> Typically, personal data spaces would be .Name or .Me domain based. In
> short, they would be Linked Data aware variants of efforts such as
> FreeYourID etc.
>
>
> OpenLink Data Spaces (ODS) has always been about what I describe above,
> the tricky part (and real hold up for years) had been the domain
> registration aspect, since I've always wanted that to be loosely coupled
> via REST or SOAP style of Web Services.
>
> This is why FOAF, OpenID, OAuth, and all other relevant standards have
> been part of Virtuoso (the traditional and virtual data management
> layer) and ODS (application layer) for a number of years now.
>>> Unless I'm missing something here, it sounds as if you could fake up what
>>> you suggest by using Apache proxy+reverse proxying and the HTML rewriting
>>> module. It's not a final solution, but maybe a way to cheaply explore what
>>> it would be like for users, and maybe to uncover where some of the technical
>>> issues might arise.
>>>
>>
>> I'd thought of proxies, but not with HTML rewriting, that's
>> interesting. So a bit like greasemonkey scripts applied server-side, I
>> guess. Yes, that could be good way to flush out unanticipated
>> technical issues, fiddly interaction with things like Cookies and
>> cross-site scripting rules, etc.
>>
>> There are lots of ways that variants of a "dockable" effect could be
>> achieved. The ugliest I can think of so far is HTML Frames, which some
>> DNS vendors (eg. Gandi) offer as a way of "forwarding" to other
>> domains. Painful for lots of reasons (linkability, bookmarkability),
>> but it shows the desire and interest is there. Another thing we're
>> seeing is Javascript that rewrites it's host document after calling
>> out to its parent site. There are 1000s of Web 2 badges and widgets
>> done in this style, eg. mini Flickr photo galleries or "my most recent
>> twitter post" sidebars. The downside here is that the generated HTML
>> is ephemeral; it is generated by client-side javascript code, and so
>> is very much a second class citizen of the Web. Such content doesn't
>> show up in search engines, has huge accessibility issues, and isn't
>> available eg. for normal HTTP-based re-use, eg. page translation
>> utilities. But again it shows the desire for the functionality of
>> putting social site content into user's sites. Facebook also have some
>> technologies they're pushing in this direction.
>>
>> Apart from the DNS-based proposal I aired here, I have also been
>> thinking that the combination of something like OAuth with something
>> like AtomPub has a lot of potential. If sites could ask to be
>> delegated "posting permission", either for stable pages or for pushing
>> items into a blog-like stream, then you can imagine music.danbri.org
>> being maintained mostly, by last.fm for me; or perhaps by a
>> combination of last.fm, bbc music, and other musicky sites. At the
>> moment I'm looking at TV stuff, so the idea of a fancy site generating
>> a very rich user profile ("favourite actor" etc) and pushing it back
>> to my home site as HTML/RDFa is quite appealing. And I think the link
>> karma aspect might be enough to persuade some businesses that this is
>> worth doing...
>>
>> cheers,
>>
> Ultimately, people are going to look to platforms that virtualize data
> across all the Web Silos via platforms. The virtualization layer will be
> capable of the following in a loosely coupled manner:
>
> 1. Domain Registration
> 2. DNS setup and management
> 3. Profile Management (using RDF based Linked Data for untethered
> dimensionality)
> 4. Policy based Data Access (FOAF+SSL, OpenID, and OAuth depending of
> data access type and data access policy granularity requirements)
> 5. An Identity based security model that leverages RDF, HTTP URIs, and
> FOAF+SSL
> 6. Use HTML+RDFa as the default metadata representation mechanism
> (basically the home page of the data space which is basically the
> "About" segment of a typical home page).
>
> When a platform handles the above, "danbri.org" can become the conduit
> to all of you data. Basically, you will only need a given silo to
> support Web Services APIs (in the most extreme cases e.g., typical Web
> 2.0 style "software as services" solutions) to get going.
>
> Once we are done with #1 above (part that has protracted this entire
> effort for me), I will unveil my ODS based Data Space as a live example.

I like the following approach.  Your FOAF is a (read/write) entry
point to your data.

Now this can lead to other 'docked' URI's, or as a proxy to some other
part of your (access controlled) data footprint, which could be
somewhere else on the web or on your own machine via (web) socket.

WebAccessControl will determine who sees what, and how much (bandwidth
limits may apply).  Updates should enter a queue on your IdP, and
relayed to you.  It should work in realtime or delayed (maybe with
HTTP 200 / 202 as response to tell the initiator what happened).

You'll need to protect against spam 'mail bombs' and DDOS, but what's new?

You will leverage reputation data from the linked cloud for smart
filtering.  I see your IdP as having a few core functions that it does
very well, and it's going to be really tricky to make this robust, but
probably worth the effort.  Then other providers should offers
services on top, either hosted on your own server, hosted by a third
party or proxied to your own machine.

Adding a well written service (eg status) should be as easy as
dropping that file into a directory, or a git one-liner (possibly
including an embedded sqlite db).  The magic sauce is in the access
control and negotiation from one party to another built on top of a
WOT linked data infrastucture.

>
> Links:
>
> 1. http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/Ods
>> Dan
>> _______________________________________________
>> foaf-dev mailing list
>> foaf-dev at lists.foaf-project.org
>> http://lists.foaf-project.org/mailman/listinfo/foaf-dev
>>
>>
>
>
> --
>
>
> Regards,
>
> Kingsley Idehen       Weblog: http://www.openlinksw.com/blog/~kidehen
> President & CEO
> OpenLink Software     Web: http://www.openlinksw.com
>
>
>
>
> _______________________________________________
> foaf-dev mailing list
> foaf-dev at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-dev
>


More information about the foaf-dev mailing list