[foaf-protocols] Fwd: Re: WebID breakthrough - pure Javascript+Flash implementation

Kingsley Idehen kidehen at openlinksw.com
Sat Aug 14 13:04:30 CEST 2010

Bruno Harbulot wrote:
> Hi,
> You're absolutely right, RESTfulness matters for curl/Tabulator 
> (essentially, non-browser user-agents). Does it matter to the general 
> public using a browser for normal website usage? I'm not sure right now.

But do we architect protocols and technology in general for "Now" or 
"Tomorrow" ?

The Browser isn't going to be the dominant Web user agent forever. There 
will be numerous smart, purpose specific, user agents traversing the Web 
of Linked Data very soon.

Without the Web of Linked Data evolution, the Browser remains the prime 
user agent. Today's reality is this though: Web of Linked Data train has 
long left the station :-)
> It's a general problem regarding REST and authentication. It seems that 
> some REST advocates claim both that (a) using cookies (including for 
> authentication) makes a system not RESTful and (b) the virtues of REST 
> are proven by the success of the WWW.
> Of course, that doesn't really work when you notice that most websites 
> that require users to authenticate use forms nowadays.
> I'd be interested in a "WWW-Authenticate: Form" scheme or similar, and 
> someone else started a draft on a "WWW-Authenticate: Cookie" spec. It 
> just doesn't seem to get much interest, as far as I'm aware.
> I know it may sound a bit disappointing from a technical perspective, 
> but REST isn't something that most users care about. Most people just 
> want something that works when they're using a browser, and tend to be 
> satisfied with the Facebook/Google/... account experience.
> I'm aware of the benefits of REST and RESTful authentication because 
> I've been writing services targeted at both browsers and automated 
> clients, but I reckon this still is a niche market.

A growing market in its embryonic stages. Again, the key stimulant here 
is a functional and growing Web of Linked Data.
> Again, if we don't make use of the keys with the WebID, the JS+Flash 
> interface will look just like the existing OpenID choices at the moment 
> (and that's not necessarily a bad thing). From there, I think it's going 
> to be hard to convince most users to use a WebID rather than an OpenID 
> (or even instead of their Google account, which most people might not 
> even know is an OpenID provider).
> Sure, Linked Data goes further than the browser experience, but there 
> are still a number of issues to address. I think it depends on what the 
> target audiences are.

Yes, and the target audience is basically those seeking agility when 
exploiting the burgeoning Web of Linked Data. Web of Linked Document 
tools only partially serve the needs of a Web of Linked Data users and 
their user agents. Ubiquitous computing, of the variety being pushed 
effectively by the Mobile segment and the "Internet of Things" will 
change a lot of things fast.

I want to send my Linked Data aware agents out on quests whereby they 
traverse dense Linked Data meshes (including sensory data networks) en 
route to making me appear ubiquitous, across data spaces of vital 
interest to me etc.. All of this without today's "all or nothing" 
propositions of yore when it comes to trust and privacy.

> Best wishes,
> Bruno.
> On 12/08/2010 21:23, Joe Presbrey wrote:
>> I am very surprised to hear this argument.
>> AFAIK, the main technical problem with OpenID as an authentication
>> protocol in a Linked Data context is that it is not RESTful!  Using
>> Linked Data in meaningful ways goes well beyond the user in a Web
>> Browser experience.
>> Linked Data w/ OpenID breaks HTTP completely when
>> [curl|rapper|Tabulator|insert data browser here] asks for RDF and it
>> redirects me to an authorization page at my IdP.  On the other hand,
>> WebID prompted SSL-authentication leading to correct HTTP status codes
>> indicate to any HTTP client written in our lifetime exactly what to
>> do.
>> --
>> Joe Presbrey
>> On Wed, Aug 11, 2010 at 8:11 AM, Bruno Harbulot
>> <Bruno.Harbulot at manchester.ac.uk>  wrote:
>>> My main point still is that, if we don't make suitable use of the public
>>> key but instead move away from using certificates, there's little point
>>> in developing WebID, we might as well try to extend OpenID with some
>>> semantic-web extensions.
>>> Best wishes,
>>> Bruno.
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols



Kingsley Idehen	      
President & CEO 
OpenLink Software     
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen 

More information about the foaf-protocols mailing list