[foaf-protocols] WebID and WebFinger
henry.story at gmail.com
Mon Aug 9 17:45:51 CEST 2010
Hi Danny. You are right that fingerpoint or WebFinger and WebID (foaf+ssl) can complement each other very nicely.
Btw, the latest of my spec versions is here (I will try to have it always be the same URL soon).
To put it at its simplest: WebID is a one click authentication of a user with a global identifier.
The global identifier is currently a http/https URL.
It could of course now with WebFinger also be a mailto: url or an accnt: url. And that is what people tend to latch onto first of all when they think of making the protocols work together. But whereas having a mailto or accnt URL makes a lot of sense in OpenId, where the user has to type that URL into an account box, it is not so interesting in WebId land, as the user there need not at all remember the identifying URL, even less need he type it. The ID is locked into the X.509 certificate.
The place I see WebFinger or Fingerpoint working together with WebID is simply in email verification automation. At the end of a WebID authentication session, the Relying Party knows the WebID of the user at the end of the https connection. The Relying party then has a lot of information from the WebId profile, but none of that is verified. So if the WebID server trusts the Relying Party enough to send it the following relation
<http://joe.example/profile#me> foaf:email <mailto:henry.story at bblfish.net> .
Then the Relying Party can verify that using WebFinger or FingerPoint. Starting with the email it can using those protocols find a profile document. If that profile document itself makes the claim above then the Relying Party has confirmation that the user of the WebID really controls the email, which means the relying party does not have to feel quite so worried about being added to a spamming black list when answering a call made to it. This may sound very little, but it is a very useful feature to say the least.
On 9 Aug 2010, at 17:14, Sarven Capadisli wrote:
> On Mon, 2010-08-09 at 08:14 +0200, Danny Ayers wrote:
>> I can't help thinking there's a fair bit of overlap between the goals
>> of these projects which could be leveraged to mutual benefit, yet they
>> seem like they're being developed in separate universes. Here are an
>> overview doc, draft spec and mailing list details for each:
>> WebFinger :
> Just wanted to bring Toby Inkster proposed Fingerpoint to attention -
> "an alternative draft specification offering much the same facilities as
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
More information about the foaf-protocols