[foaf-protocols] [foaf-dev] OpenPals - FOAF-based open source social infrastructure
kidehen at openlinksw.com
Thu Sep 16 23:26:31 CEST 2010
On 9/15/10 7:34 PM, Nikolay Krasilnkov wrote:
> Hello Kingsley,
> Thank you for reply!
> On 09/16/2010 01:51 AM, Kingsley Idehen wrote:
>> On 9/15/10 4:40 PM, Nikolay Krasilnkov wrote:
>>> Hello FOAF-project team,
>>> My name is Nikolay Krasilnikov. I'm PhD student in Saint Petersburg
>>> State University of Information Technologies, Mechanics and Optics
>>> SU IFMO) and software engineer in Sun Microsystems (Oracle
>>> My friend Nikolay Vyahhi (he is PhD student in Saint Petersburg State
>>> University (SPb SU)) and I are prototyping some kind of social network
>>> infrastructure based on FOAF and OpenId.
>>> The main idea is to split social network to standardized back-end and
>>> substitutable front-end.
>>> Back-end is rather simple provider of social information based on FOAF
>>> standard and OpenID authorization. It looks like this:
>>> http://www.openpals.net/provider/http://nnnnnk.myopenid.com/ (slash at
>>> the end does matter). Provider also supports some security settings.
>>> Front-end is any software (UI) that can browse this FOAF network. In
>>> prototype it renders FOAF to some kind of usual social network page.
>>> example here is my page:
>>> http://www.openpals.net/profile.html?id=http://nnnnnk.myopenid.com/ .
>>> Actually we have two different front-ends — server-based that's located
>>> on http://www.openpals.net and the one implemented as Firefox
>>> In the second one there are much more possibilities in integration of
>>> different services.
>>> Description of idea with pictures:
>>> From the point of view of FOAF we have some simple FOAF parser,
>>> model and UI representation.
>>> Our model is rather simple now, but we are working on it.
>>> Also we are not great experts in FOAF and RDF, so it would be great to
>>> get some expert feedback.
>> Nice looking effort!
> Thank you :)
>> Wondering if you've been looking at the WebID project at all?
> Nope :)
>> Also, I tried to create a profile using my OpenID but it failed. I
>> doubled checked with another OpenID site to ensure it wasn't me at
>> fault, and that worked.
>> My OpenID URL
>> is:<http://kingsley.idehen.net/dataspace/person/kidehen> .
> I guess that's a bug in openid4java library.
> It can not find endpoints on your page.
> I'll try to update it, and if it won't help, I file a bug.
> Is it Ok to provide your OpenID in bug description?
>>> We'd like to make our ideas live, organize a community and so on.
>>> But we
>>> don't have much experience in this things. So we'd be very pleased if
>>> you could give us some peaces of advice in this area too.
>> My best piece of advice (for now) would be to incorporate WebID into
>> your service once OpenID is working properly etc..
> As I understand WebID is URI with FOAF.
> Is http://www.openpals.net/provider/http://nnnnnk.myopenid.com/#NNK my
You tell me, your the publisher :-)
I can assume, based on the #URI pattern that:
1. http://www.openpals.net/provider/http://nnnnnk.myopenid.com/#NNK --
2. http://www.openpals.net/provider/http://nnnnnk.myopenid.com -- Your
FOAF Profile which has the WebID above as PrimaryTopic .
> And is it possible to split WebID provider and FOAF provider?
Yes, so you have an IdP for generating security tokens (i.e., X.509
Certs) that contains reference to your WebID (HTTP URI or email Address
style URI). Thus, a WebID compliant Relying Party can then look-up your
WebID via the security token (when presented during authentication
challenge), and then use it locate the public key that matches that of
the SSL/TLS verified security token, en route to verifying your identity.
You can try this out at: http://id.myopenlink.net/ods, and just do the
1. Signup (you can use a WebID if you have one)
2. Edit your profile (basically, go to "Security Tab" and Generate an
X.509 Cert and Private Key)
3. Use the "X.509 Cert" tab to enable your account for WebID access.
That's it. Remember to place your Personal URI (FOAF Profile
PrimaryTopic URI) in the appropriate field when using the X.509 Cert
If you want to be a little more sophisticated, you can do the following:
1. place a email address URI in the email address field of the profile
management form (or if you want to leave a real email address use the
"Other WebIDs" field to hold an acct: scheme based email address URI)
2. place your external WebID as another alternative WebID entry
(basically indicating that each of these are co-references)
3. use the acct: scheme email address URI as the email address value or
WebID value when generating your Cert
4. copy the generated public key (from id.myopenlink.net) over to your
external FOAF profile space
- associate the public key with your WebID in the external FOAF
5. delete the public key stored in the id.myopenlink.net data space.
When challenged, the id.myopenlink.net IdP will resolve your identity by
meshing/smushing the data associated with the co-reference WebIDs en
route to locating the matching public key -- which resides in our FOAF
> Now it's possible to change our FOAF provider to other keeping id and
> data transparently for other users in the network.
>>> Best Regards,
>>> foaf-dev mailing list
>>> foaf-dev at lists.foaf-project.org
More information about the foaf-protocols