[foaf-protocols] WebID talk at W3C

Kingsley Idehen kidehen at openlinksw.com
Tue Aug 24 13:19:09 CEST 2010


  On 8/24/10 6:21 AM, Henry Story wrote:
> On 24 Aug 2010, at 04:37, Manu Sporny wrote:
>
>> The slides that I've prepared for the presentation are here:
>>
>> http://payswarm.com/slides/webid/
> Great, so apparently there will be 15 minutes to present these slides.
>
> This idea was to follow this by 10 minutes to demonstrate Manu's solution, under the heading of WebID. I am arguing that this is a bit much for a solution that we have no interoperation for, and have not considered. My argument there is that a 3 minute screencast should be more than enough.

Sorry, but I still don't get the elevation of Manu's solution to 
definitive demo status re. WebID.

Manu: no offense intended here, but this simply doesn't feel right at all.
> I was then to get a 5 minute presentation on WebId. Of course this makes no sense, since Manu is presenting the WebID+flash as WebID, so its not clear that what role I would be playing after people have been messing around thinking they were playing with WebID, for me to come and to tell them that that was not really WebID but something completely different.

Exactly!
>
> Now for a look at the slides. Here's some of the points I came up with, in the time before I catch the train....
>
> Slide 1
> -------
>
>
>
> Slide 2: Why have universal Login
> ---------------------------------
>
> One could put some facts on there if one had time. I heard that 60% of failures were due to password break ins.
>
> One can put this very simply:
>    + with the telephone you can call someone from whatever provider they are on (you don't need the provider)
>    + with email you can mail anyone
>    + on the web you can link to page
>
> but on the web you cannot identify yourself globally. Each site requires new username/password, you cannot link to your friends on different social networks, ...
>
>
> Slide 3: Identity on the Web
> ----------------------------
>
> This is a very general slide on identity, and then there is a mention of a very particular tech OAuth, which is clearly not yet good enough as I hear there is a big debate in that camp between OAuth and XAuth. Furthermore one can probably replce either of them with WebID, by following something
> like the following
>
>    http://blogs.sun.com/bblfish/entry/rdfauth_sketch_of_a_buzzword
>
> I don't understand the "nuance" section there, or its relation to the whole.
>
> Slide 4: WebID Demo
> -------------------
>
> WebID demo. I think putting WebID first here is a bit odd. Especially as it is then followed by OpenId.
>
> If one were to go more historical one could do it like this btw.
> http://www.w3.org/2005/Incubator/socialweb/wiki/StateOfSocialWeb#Authentication:_from_Passwords_to_WebIds
>
> That is passwords, Firefox Weave, OpenId, ..., WebID
>
>
> Slide 5: OpenId
> --------------
>
> "WebId is backward compatible" a bit of the wrong way of putting that.

WebID can be used to embrace and extend (in a good way) other protocols 
(e.g. OpenID). WebID is basically unobtrusive, and this ultimately its 
greatest adoption attribute. Yes, it takes a while to grasp some of its 
nuances, but as yet another "deceptively simple" delivery it carries the 
"exponential uptake" prowess of HTTP (since its is based on HTTP and the 
REST interaction pattern).

>
> The link to web id should simply be to the http://esw.w3.org/foaf+ssl wiki
> where there is indeed a very simple and much newer graph that displays how the social network comes to be of importance.
>
> The comparison to webid should not be done in terms of number of steps.
> If you look carefully you will see that these steps are not numbered in the same way. What is important is to count the number of https connetions.
>
> WebId requires at most 1 extra https connection. With caching it gets down to 0 more! OpenID requires 6 extra https connections (+ the login page with WebID does not even require). So we are 7 times more complex, not twice.

Personally, WebID+OpenID virtues are more powerful than subtly imply 
that WebID should replace OpenID etc..
>
> Slide 6: WebFinger
> ------------------
>
> WebFinger is an twist on OpenID in order to allow one to get from an email address to a page about that email, as I understand. And then there is the complex XRI standard there.

No!

Webfinger is about inserting mailto: and acct: URI schemes into the mix 
re. profile discovery. We are done with Webfinger implementation and it 
basically allows us to offer the following:

1. Email Addresses as OpenID URIs -- which means that via OpenID+WebID 
when I enter my email address I still end up with Cert. presentation 
(courtesy of WebID aspect)

2. Certs that only have an Email Address (no WebID) --- while still 
getting the full WebID experience (we just take a different route to the 
structured profile resource when performing the lookup post standard 
TLS/SSL handshake)

3. Use Email Addresses when setting up WebID driven ACLs -- yes, I can 
actually use: <acct:kidehen at id.myopenlink.net> as my Identifier when 
setting up Cloud Storage ACLs .

I will demo all of the above very soon. Of course, you can already 
experience this at: http://id.myopenlink.net/ods :-)
>
> Slide 7: well known
> -------------------
>
>
> It is not clear that this is an identity thing. Though it is a dependence of WebFinger.  I don't see what this has to do with identity
>
> Slide 8: Deployement
> --------------------
>
> One could be a little more positive here, and say that there are interoperable inplementations for every major programming language.
>
> By the way I have bought Webid.info so we could use that to point to documents. I also think pointing to the esw wiki would be a good thing. It is a bit messy, but there is a lot of information there.

We should always keep the esw wiki in the loop as an information portal.

Kingsley
>
>
>
>
>
>
>
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>


-- 

Regards,

Kingsley Idehen	
President&  CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen







More information about the foaf-protocols mailing list