[foaf-protocols] WebID and WebFinger

Toby Inkster mail at tobyinkster.co.uk
Tue Aug 10 19:14:42 CEST 2010

On Mon, 9 Aug 2010 08:14:22 +0200
Danny Ayers <danny.ayers at gmail.com> wrote:

> I can't help thinking there's a fair bit of overlap between the goals
> of these projects which could be leveraged to mutual benefit, yet they
> seem like they're being developed in separate universes. 

Not entirely separate.

My CGI::Auth::FOAF_SSL can use Webfinger to locate data about a user.
If none of the WebID URLs in the X.509 certificate dereference to an
RDF resource that confirms the certificate's ownership, then it will
fall back to attempting to look up any e-mail addresses in the
certificate using Fingerpoint and Webfinger, and hopefully find the
relevant data that way.

A slight hiccough is that there's not a natural way of embedding "acct:"
URIs in X.509 certificates. The "obvious" way is:

	subjectAltName = URI:acct:joe at example.net

But this somewhat conflicts with our use of subjectAltName URI values.
We take the range of these as being effectively foaf:Agent; whereas an
"acct:" URI's range is closer to foaf:OnlineAccount. So there's a
semantic mismatch there.

That's not to say there's no scope for integration - just that it
shouldn't use that obvious route. For any Webfinger accounts which also
happen to be usable as e-mail addresses, integration is easy, as X.509
provides a specific email value type:

	subjectAltName = email:joe at example.net

Here we don't need to worry about the range of subjectAltName URIs, as
we're not using them.

So anyway, there is some work being done on the overlap. You might want
to look at some of my Perl modules on CPAN
<http://search.cpan.org/~tobyink/>. Relevant ones include XRD-Parser,
HTTP-LRDD, HTTP-Link-Parser, WWW-Finger - the thing they have in common
is that they all basically treat XRD (and related technology) as an
extension of the RDF/Linked Data world. I'm happy to go into detail if
the documentation isn't clear.

Toby A Inkster
<mailto:mail at tobyinkster.co.uk>

More information about the foaf-protocols mailing list