[foaf-protocols] WebID Incubator Charter draft

Reto Bachmann-Gmür me at farewellutopia.com
Wed Dec 15 17:20:00 CET 2010


Hello

I'm sorry for jumping in into the discussion after having been missing in
action for scuh a long time, I'm supposed to have more time beginning at the
end of the year.

I read that "the WebID protocol <http://webid.info/spec/> is defined
semantically - not syntactically"

and that  the group shall "identify interoperability issues".

To me the two sentences contradict each other, if the "protocol" is defined
semantically interoperability is out of scope of the specification, also the
introductory sentence mentioning SSL/TLS and X509 doesn't seem consistent
with a purely semantic definition of the protocol.

I think what would be more useful is: "The WebId protocol is defined
semantically with support for an extendible set of syntaxes, algorithms and
ontologies - a minimum set of non-semantic requirements are however defined
to guarantee interoperability between implementations."

The approach of having generic standards with minimum requirement is also
the one used by IPSec: "you can use any encryption mechanism you'd like, but
you must support at least 56-bit DES"

Cheers,
Reto


On Wed, Dec 15, 2010 at 3:53 PM, Henry Story <henry.story at bblfish.net>wrote:

> Updates here:
> https://github.com/bblfish/webid-spec/blob/master/webid-charter-draft.html
>
> On 15 Dec 2010, at 13:11, peter williams wrote:
>
> > The scope seems very narrow compared to the scope of the provenance
> example,
> > given here recently.
> >
> > I could give 10 examples of this scoping tied to the wording. But, until
> > folks agree that the scope needs to be generalized, I don't see the point
> > arguing with the wording. Before anyone gets defense, there is nothing
> wrong
> > with having an engineering scope.
> >
> > For example, wording ties the webid incubation
> > - to only protocol designs (which is no longer even tied exclusively to
> FOAF
> > cards),
> > - to social networks (and not other web applications),
>
> We have the Federated Social Web XG as one of the  W3C groups listed.
> Is there somewhere else that this should appear?
>
> > - to classical https (and not connectionless SSL used in TTLS, or DTLS),
>
> Well I think that is certainly something I'll be happy to look at in there.
> We don't of course limit ourselves to the IETF group. The problem is that
> the
> list of external groups to liaise with can be very large. I don't want to
> put all
> the TTLS and DTLS groups.
>
> I have added a note to TTLS and DTLS in the TLS space.
>
> > - to only (IETF-sponsored) cipher suites defining commodity crypto
>
> The intention is certainly not to limit ourselves thus, though practically
> we'd rather work with what is currently deployed. For example I doubt that
> WebId
> could not work with any yet to come crypto. Is that note inside TLS not
> enough?
>
> > - to identified browser users (and not group or server entities, say,
> > similarly named).
>
> I agree, we could mention server authentication too.
>
> >
> > Overall, it comes across as an engineering profile of client certs for
> > https, rather than discovery aimed at characterizing the nature of the
> > research program.
> >
> > If I was to enter the forum and propose that the supplicant in an PC or
> > phone OS on binding to a switch or wifi access point might use TTLS with
> > client certs WITH webids and the access control decision should leverage
> a
> > ping on the semantic web, it would not be in scope - despite being a
> > protocol design.
>
> Is that change ok?
>
> > Its not social networking, its not https, its assumes
> > browsers leverage SSL sockets in an OS/stack vs a code library in a
> > universal browser application,
> >
> > I could go to cisco engineers I know and get them interested in semantic
> > web, but only as a tool to be applied to the above. I could go to another
> > group working on multicast-powered group keying for SSL in custom https
> > clients, but their focus in making plugins modules for http and ssl
> > libraries, rather than redefining typical browser https experienced used
> in
> > PCs and phones used for twittering.
>
> yes. of course they are all welcome.
>
> >
> >
> > -----Original Message-----
> > From: foaf-protocols-bounces at lists.foaf-project.org
> > [mailto:foaf-protocols-bounces at lists.foaf-project.org] On Behalf Of
> Henry
> > Story
> > Sent: Wednesday, December 15, 2010 3:29 AM
> > To: foaf-protocols at lists.foaf-project.org
> > Subject: [foaf-protocols] WebID Incubator Charter draft
> >
> > Before we send this off, can people please send comments to the wording
> of
> > the draft.
> >
> > http://lab.linkeddata.deri.ie/2010/WebID-XG/webid-charter-draft.html
> >
> > I recently added IIW and Liberty, xantara as external groups, but am not
> > sure the description of their activities are good.
> >
> >       Any feedback helpful,
> >
> >       Thanks,
> >
> >       Henry
> >
> > Social Web Architect
> > http://bblfish.net/
> >
> > _______________________________________________
> > foaf-protocols mailing list
> > foaf-protocols at lists.foaf-project.org
> > http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
> >
>
> Social Web Architect
> http://bblfish.net/
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20101215/4820e00e/attachment.htm 


More information about the foaf-protocols mailing list