[foaf-protocols] Disclosing information to a web app from secret parts of our profile
nathan at webr3.org
Tue May 18 22:00:02 CEST 2010
Story Henry wrote:
> On 18 May 2010, at 20:46, Seth Russell wrote:
>> Even if foaf+ssl is still at the proof of concept stage, i'm troubled that i
>> cannot find where a user is to manage the disclosure of information from a
>> private part of their profile? Perhaps for my simple spin to win app, i
>> don't really need it. But i am building an entire customer relationship
>> where, in this modern TiVoed world, one should expect to provide the
>> information for say a billing form, (like
>> http://www.speaktomecatalog.com/billing.php ) only once. How is that
>> information to be made available from a person's foaf profile in a user
>> friendly, yet secure, manner?
>>> From a web developer's point of view, will it be quite so easy as ...
>> $foaf = new EasyRdf_Graph($_SESSION['customerIdentity']);
>> $customer = $foaf->primaryTopic();
>> Then a window would pop up asking the customer whether she will allow the
>> disclosure of this information from her profile.
> Seth, I sketched one answer to such a solution in
> You are to imagine going to a photo printing site where you have never been
> before. A relation in your foaf file points the server to a space where you
> can let your server know what photos (any resource will do) to make to the
> Photo printing service (identified also by WebId).
> The information is then returned (via a POST or drag and drop or something)
> to the photo printing service.
> We have not yet had any advanced Access controled foaf to do this. Perhaps
> I should try it out, using the very simple Apache ACLs we have and see how that would
> Is there something there you think is fundametally broken? (before I try it out)
If it saves any trouble / work - I'm implementing pretty much everything
covered as we speak adn will have a full working site of it all by the
end of the month - everything from foaf management, to splitting parts
of the profile under different access controlled resources, and many
other things foaf+ssl needs.
I'm sure it won't be final solutions in each case, but will prove it can
all be done and be a working real web app & most of the code (PHP 5 OO)
will be open sourced.
More information about the foaf-protocols