[foaf-protocols] FOAF+SSL Test Application: SPARQL.ME

Fri Feb 5 17:52:03 CET 2010

On 5 February 2010 17:26, Peter Williams <home_pw at msn.com> wrote:

>  So is the intent that FOAF+SSL should supporting a naming synonyms, for
> use during authentication? For example, the URI alias discussed in the
> RESTful SPARQL spec (and even its form from the example in the spec, see
> below).
>

That wasnt the intention of this app.  But I dont see any reason why not.
The purpose of sparql.me is to allow users to persist their SPARQL queries.
Profile page is just an addition that supports the RDFa standard.  I added
it because I was playing with the ARC2 plugin to generate it.

>
>
> Hopefully, I get to start using use long words like polyarchical (like
> Openid folks used to use, in the evangelism phase of generating the openid
> market).
>
:)

Toby came up with 'SIOC and AWE' to describe the end results of
foaf-protocols.  SIOC (pronounced "shock" to link together communities, and
A.W.E. = ACL, WebOfTrust, Ego(FOAF) for FOAF+SSL.

>
>
> WOULD a per user sparql.me getprofile.php URI be the kind of “URI alias”
> to “networked knowledge” discussed in the RESTful SPARQL spec? There, they
> distinguish the URI aliases from URIs VERY CLEARLY
>

Not 100% sure on this one, but if I made it a unique URI (per webid), it
could be an alias.  But not sure you'd want an alias in this case ... also
how to generate a unique URI?  I'm not sure here, do you mash up the Webid
in the query string, or some kind of HTTP redirect ...

>
>
> I cannot read RDFa yet (its taken me 3 years to learn to read xml/rdf
> (building on what Henry via N3 taught me about the underlying statement and
> class/type model). Does the sparql.me source’s RDFa use relative naming
> for “my” profile (with itself as the root namespace), or are the triples
> still hard-sourced to original foaf.me’s namespace?
>

RDFa bookmarklet:
http://www.w3.org/2001/sw/BestPractices/HTML/rdfa-bookmarklet/
RDFQuery+Firebug is good: http://code.google.com/p/rdfquery/

Try: $().rdf().databank.dump({format:'application/rdf+xml', serialize:
true})

>
>
> Would it be ok for such as sparql.me to simply pull the information
> resource from another server, change the namespace of the subject elements
> of the staements, add a(nother) cert:identity statement to the rsa pubkey
> anonymous values, and thereby now “present” for reliance its own authority
> to user doing foaf:ssl procedures (in preference to foaf.me). Surely, it
> would then be an “issuer” of URI aliases, should the profile URI used today
> become personalized. (e.g.
> http://sparql.me/profile.php?webid=http://foaf.me/homepw34#me – using a
> form taken from the Restful SPARQL spec).
>

Changing a "namespace", changes the URI of anything that uses that
"namespace".  So we would be talking about a different set of triples in the
graph.  But anything is possible, so yes you could create whatever claims
you wanted to by changing the URIs.

>
>
> This aliasing issue was deemed a “threat” in the CA world, when for any
> cert published on the web, another commercially-unrelated CA could pull the
> blob, parse out the pubkeys, stick in their own name for the subscriber in a
> new cert package”, and sign it with their “replacement CA’s” signing key.
> They would put different “service” and “policy” URIs in the cert, that
> induced the relying party to consult the new CAs repository of status
> information (rather than the original CA repository).
>

I understand.  In RDF a set of triples (graph) can be replicated in any
number of pages, stores, or caches.  It is up to you to decide whether you
trust what you've been served.  Dereferencing via http(s) is normally a good
indication that something is bone.

I'm not sure to what extent a graph can refer back to the URI that you
dereferenced to get the triples, but that might be some way to suggest an
authoritative place to look.  Perhaps "named graphs" are helpful here, my
knowledge is limited in this area, so I'm probably not the best to answer
this part.

>
>
>
>
>
>
>
>
>
>
>
>
>  * *
>
>
>
> Presumably, another IDP would NOT use the RDFa from sparql.me for the
> purposes of foaf+ssl authentication about a name issued by foaf.me
>
>
> No, for that I'd need to make a permalink to your profile URI.  But since
> the triples in your graph are independent of the document, this could used
> as a second identity, if you chose.
>
>
>
>
>
>
>
> *From:* foaf-protocols-bounces at lists.foaf-project.org [mailto:
> foaf-protocols-bounces at lists.foaf-project.org] *On Behalf Of *Melvin
> Carvalho
> *Sent:* Thursday, February 04, 2010 11:02 AM
>
>
> *To:* Story Henry
> *Cc:* foaf-protocols at lists.foaf-project.org
> *Subject:* Re: [foaf-protocols] FOAF+SSL Test Application: SPARQL.ME
>
>
>
>
>
> On 4 February 2010 19:12, Story Henry <henry.story at bblfish.net> wrote:
>
> Cool.
>
> The back button does not work, so when I write out a query and make some
> mistake, pressing back gets me to your initial query.
>
>
> Browser back button?  Hmm I didnt test that too much ...
>
> If you click on the Queries tab, you should see all your queries, much like
> a pastebin, and be able to run them, or delete ones with an error.
>
>
>
> What does logging in give me? (At least its easy, which is nice :-)
>
>
> Logging in means that your queries will be recorded and available for
> others to see and run ...
>
>
>
> Henry
>
>
> On 4 Feb 2010, at 19:05, Melvin Carvalho wrote:
>
> > Just a simple service that lets you log in with FOAF+SSL and run sparql
> > queries against sparql.org (dont forget to use the FROM keyword to run
> > against an RDF graph)
> >
> > http://sparql.me/
> >
> > If you are logged in it will
> > - Display your profile in RDFa
> > - Save your SPARQL queries
> > - Allow you to delete queries
> >
> > It is possible to browse recent queries that others have submit ...
> >
> > Will add a few more features if there is demand ... or if time allows ...
>
> > _______________________________________________
> > foaf-protocols mailing list
> > foaf-protocols at lists.foaf-project.org
> > http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100205/a7ddaebb/attachment.htm 