[foaf-dev] OpenPals - FOAF-based open source social infrastructure

Kingsley Idehen kidehen at openlinksw.com
Thu Sep 16 23:26:31 CEST 2010

  On 9/15/10 7:34 PM, Nikolay Krasilnkov wrote:
> Hello Kingsley,
> Thank you for reply!
> On 09/16/2010 01:51 AM, Kingsley Idehen wrote:
>>    On 9/15/10 4:40 PM, Nikolay Krasilnkov wrote:
>>> Hello FOAF-project team,
>>> My name is Nikolay Krasilnikov. I'm PhD student in Saint Petersburg
>>> State  University of Information Technologies, Mechanics and Optics 
>>> (SPb
>>> SU IFMO) and software engineer in Sun Microsystems (Oracle 
>>> Corporation).
>>> My friend Nikolay Vyahhi (he is PhD student in Saint Petersburg State
>>> University (SPb SU)) and I are prototyping some kind of social network
>>> infrastructure based on FOAF and OpenId.
>>> The main idea is to split social network to standardized back-end and
>>> substitutable front-end.
>>> Back-end is rather simple provider of social information based on FOAF
>>> standard and OpenID authorization. It looks like this:
>>> http://www.openpals.net/provider/http://nnnnnk.myopenid.com/ (slash at
>>> the end does matter). Provider also supports some security settings.
>>> Front-end is any software (UI) that can browse this FOAF network. In 
>>> our
>>> prototype it renders FOAF to some kind of usual social network page. 
>>> For
>>> example here is my page:
>>> http://www.openpals.net/profile.html?id=http://nnnnnk.myopenid.com/ .
>>> Actually we have two different front-ends — server-based that's located
>>> on http://www.openpals.net and the one implemented as Firefox 
>>> extension.
>>> In the second one there are much more possibilities in integration of
>>> different services.
>>> Description of idea with pictures:
>>> http://www.openpals.net/howitworks.html
>>>    From the point of view of FOAF we have some simple FOAF parser, 
>>> object
>>> model and UI representation.
>>> Our model is rather simple now, but we are working on it.
>>> Also we are not great experts in FOAF and RDF, so it would be great to
>>> get some expert feedback.
>> Nice looking effort!
> Thank you :)
>> Wondering if you've been looking at the WebID project at all?
> Nope :)
>> Also, I tried to create a profile using my OpenID but it failed. I
>> doubled checked with another OpenID site to ensure it wasn't me at
>> fault, and that worked.
>> My OpenID URL 
>> is:<http://kingsley.idehen.net/dataspace/person/kidehen>  .
> I guess that's a bug in openid4java library.
> It can not find endpoints on your page.
> I'll try to update it, and if it won't help, I file a bug.
> Is it Ok to provide your OpenID in bug description?

No problem.

>>> We'd like to make our ideas live, organize a community and so on. 
>>> But we
>>> don't have much experience in this things. So we'd be very pleased if
>>> you could give us some peaces of advice in this area too.
>>> Prototype:
>>> http://www.openpals.net
>>> Project:
>>> http://kenai.com/projects/openpals
>> My best piece of advice (for now) would be to incorporate WebID into
>> your service once OpenID is working properly etc..
> As I understand WebID is URI with FOAF.
> Is http://www.openpals.net/provider/http://nnnnnk.myopenid.com/#NNK my 
> WebID?

You tell me, your the publisher :-)

I can assume, based on the #URI pattern that:

1. http://www.openpals.net/provider/http://nnnnnk.myopenid.com/#NNK -- 
Your WebID
2. http://www.openpals.net/provider/http://nnnnnk.myopenid.com -- Your 
FOAF Profile which has the WebID above as PrimaryTopic .

> And is it possible to split WebID provider and FOAF provider?
Yes, so you have an IdP for generating  security tokens (i.e., X.509 
Certs) that contains reference to your WebID (HTTP URI or email Address 
style URI). Thus, a WebID compliant Relying Party can then look-up your 
WebID via the security token (when presented during authentication 
challenge), and then use it locate the public key that matches that of 
the SSL/TLS verified security token,  en route to verifying your identity.

You can try this out at: http://id.myopenlink.net/ods, and just do the 

1. Signup (you can use a WebID if you have one)
2. Edit your profile (basically, go to "Security Tab" and Generate an 
X.509 Cert and Private Key)
3. Use the "X.509 Cert" tab to enable your account for WebID access.

That's it. Remember to place your Personal URI (FOAF Profile 
PrimaryTopic URI) in the appropriate field when using the X.509 Cert 

If you want to be a little more sophisticated, you can do the following:

1. place a email address URI in the email address field of the profile 
management form (or if you want to leave a real email address use the 
"Other WebIDs" field to hold an acct: scheme based email address URI)

2. place your external WebID as another alternative WebID entry 
(basically indicating that each of these are co-references)

3. use the acct: scheme email address URI as the email address value or 
WebID value when generating your Cert

4. copy the generated public key (from id.myopenlink.net) over to your 
external FOAF profile space
     - associate the public key with your WebID in the external FOAF 
profile space

5. delete the public key stored in the id.myopenlink.net data space.

When challenged, the id.myopenlink.net IdP will resolve your identity by 
meshing/smushing the data associated with the co-reference WebIDs en 
route to locating the matching public key -- which resides in our FOAF 
space .

> Now it's possible to change our FOAF provider to other keeping id and 
> data transparently for other users in the network.

> Regards,
> Nick.
>> Kingsley
>>> Best Regards,
>>> Nick.
>>> _______________________________________________
>>> foaf-dev mailing list
>>> foaf-dev at lists.foaf-project.org
>>> http://lists.foaf-project.org/mailman/listinfo/foaf-dev



Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen

More information about the foaf-dev mailing list