[foaf-protocols] signed-URIs RE: using windows to mint web id credentials,

Peter Williams home_pw at msn.com
Sun Nov 27 01:55:56 CET 2011


foaf protocols is entirely appropriate placed to discuss this (site owner, having the last word).  Henry, you need to reserve yoru infamous venom for the W3C list on webid, where you properly get to set the rules. Now, RDfa is doing fine as a consumer technology, meeting all my structural and political goals.  My issue is finding a way to parse it in dotNet.  We do seem be getting down literally to a card (document) on a web endpoint with structured data (important), and we are now tree walking the web (super important) vs aggregating data. I feel like we have moved beyond triple databases, semantic search, and data mining by robots (which doesnt meet my goals). We are getting back to the core web (structured better for machines, this time around). Everything I can do with 10,000 EIGRP routers and 100,000 PIM trees... I want to be able to do with foaf cards building the auto-converging (trust) networks. To me a foaf card is just a line in a cisco TCAM data store. WHile that is operating at 10Gps (and higer) and converging in milliseconds,, we are still putzing along (12 years later, apparently). I know Henry had an implementation struggle over RDFa with Java. And, he puts lots of effort into the RDFa solution for his IDP site by porting code (far more than Im willing to exert, given I know next to nothing about data models or machine learning). At the same time, I promised W3C I'd implement for the privilege of serving here (insults notwithstanding), so I'm duty bound. The insults are ok. Its crypto, and its a no holds barred world there. The easiest way for me to solve the problem is to call a webservice when I cannot find only a serialization that my existing (and aging) dot Net lib supports natively, and said service returns me a signed yes/no. And of course, we have that in the ODS cert  verification service, as augmented with Henrys design for an signed message about cert/graph/webid status.  I cannot object to any of that, as its essentially identiical to what we deployed in IE3.01, in the first generation of OCSP: send a cert or a cert id, and get back a signed yes/no with fixed asymmetric key management. That worked fine for 5 years (until IETF and NSA got hold of it, and over complicated it by 20* with XML, to address needs noone actually has.) The alternative is I just privately use http://morph.talis.com/?data-uri%5B%5D=http%3A%2F%2Fyorkporc.blogspot.com%2F2011%2F11%2Fbob.html%23me&input=rdf-html&output=turtle&callback= if someone can assert that the response from morph could be fed into the sparql ASK query (reading turtle), Ill think Ill just start with morph since I have (now) to pull my own docouments anyway, so I follow the (whatever emberges as the redirect) rules. If someone wants to give (polite) opinion on using the cert verify endpoint (and consuming signed statements back) I can go there too - since Ive found my old ASP.NET code that verifies the signature on those URIs. The question is, beyond verifying the integrity of the response fields borne in a URI, are we starting to conceive of a signed-URI (reference)? Seems like a no-brainer to put in that URI a value of sha1=xyz, which is signed along with all the parmaters including the orignal-URI. xyz can be the hash of my HTML/RDFA source (bearing the graph).  Date: Sat, 26 Nov 2011 17:18:52 -0500
From: kidehen at openlinksw.com
To: henry.story at bblfish.net
CC: home_pw at msn.com; foaf-protocols at lists.foaf-project.org
Subject: Re: [foaf-protocols] using windows to mint web id credentials,

            On 11/26/11 4:49 PM, Henry Story wrote:    
On 26 Nov 2011, at 21:52, Kingsley Idehen wrote:                 
                Now, to the microformat variant. in the contrasting RDFA                case of foaf markup, all I did was set the doctype, and                html element namespace headers in a blogger template.                What do I do to tell the world of microformat clients                that the resulting HTML is microformat ready?
            If Microformat means Microdata, re. comments above, then            nothing; especially if we actually expose people to the fact            that Microdata and RDFa can have equal billing re. WebID and            "mirrored claim" representation via EAV/SPO graph pictorials            . 
 
                can i hope that the microformat page parsers are                available in native dotnet libraries? 

            There's a high possibility that such exist in .NET realm.            Microsoft, Google, Yahoo! are the guys behind Schema.org which is based on            HTML5 Microdata. 
Why are you trying to get Peter to do things not according to        spec, Kinglsey?
    Henry,

    Please be clear about your claims. What do you mean by not according    to spec? 

    Peter: Please move our conversation to the RWW mailing list. I don't    have the time, energy, or desire to start unproductive loops when    Henry goes into ultra defensive mode. I much prefer dealing with him    when he has appropriate context for what I am doing. Right now he    simply isn't in that mode. The good news is that at the right time    he'll get into the required mode.

  We have a spec that currently asks for RDFa and rdf/xml.        Are we such a strong group that we can already mess up our        interoperability even with so few users?
    In the right mode, replay the comments above, and you will see the    contradiction inherent in your comments, really!


RDFa can be discussed. Currently the people who have been        participating on this list have been very much in favour of rdfa        it seems, since that is how those got into the spec.
    No comment.


I think the rdfa/microformat debate is not finished either        even in the HTML5 working group. 

    Is this a debate? 

    You just don't want to visit the reality that we should encourage    people to use EITHER! Since this is how you bootstrap. I do not have    time for another useless 12+ year odyssey. I just don't!


Here is an interesting comparison btw between micro data and        RDFa
   http://manu.sporny.org/2011/uber-comparison-rdfa-md-uf/
    Irrelevant!


Now I have not studied that enough to be able to decide which        is best, but  I think we might as well continue with RDFa for the moment as the second encoding, because we have all        succeeded in getting that to work, as far as I can tell.
    What you know is not the measure or determinant of what goes into    the WebID spec or defines what WebID actually is. Just really have    to understand this pronto!

    Kingsley


Henry
Social Web Architect
http://bblfish.net/


-- 

Regards,

Kingsley Idehen	      
Founder & CEO 
OpenLink Software     
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen





 Date: Sat, 26 Nov 2011 18:29:32 -0500
From: kidehen at openlinksw.com
To: henry.story at bblfish.net
CC: home_pw at msn.com; foaf-protocols at lists.foaf-project.org
Subject: Re: [foaf-protocols] using windows to mint web id credentials,


  


    
  
  
    On 11/26/11 5:42 PM, Henry Story wrote:
    

      
        On 26 Nov 2011, at 23:18, Kingsley Idehen wrote:
        
        
            
              
                

              
              I think the rdfa/microformat debate is not finished
                either even in the HTML5 working group. 

              
            
            

            Is this a debate? 

            

            You just don't want to visit the reality that we should
            encourage people to use EITHER! Since this is how you
            bootstrap. I do not have time for another useless 12+ year
            odyssey. I just don't!

          
      
      

      
      Before you encourage people to use either, perhaps we could
        start with the one we have implemented. 

      
    
    

    Sorry, but you are deflecting. And this deflection is detracting
    from the big picture at hand. 

    

    
      Especially when you are speaking to Peter Williams who
        finally just managed to get a WebID we could work with.
    
    

    Hmmm. You think the WebID is the big deal for Peter? Seriously now?
    There is a dimension to this endeavor you refuse to understand. Why
    that is I am yet to fathom.

    

    
      

      
      As you see I am keeping it short. RDFa/Microformats is going
        to be won on the html5 mailing list not here.
    
    

    I don't give a darn about syntax! I only give a darn about concepts!

    

    
       We have started
      by choosing one here. 
    
    

    And their lies your artificial blindness. 

    

    
      We can add the other later, since you claim they are
        interoperable. But perhaps there are other more
      fun things to do.
    
    

    These others happen to be whom exactly? Are you interested in
    millions of WebIDs or not? Or as you interested in a little clubby
    research project under a W3C banner? 

    

    Now lets get real. 

    

    Given a blogspot.com post (with an html+microdata based structured
    data island) with URL based permalink:

http://kidehen.blogspot.com/2011/11/webid-publication-qa-htmlmicrodata.html

    

    1. SPARQL Protocol based Query Results URL (deliberately in SELECT
    mode to show effects of query against the Blog Post URL): 
    http://goo.gl/DaKIv .

    

    2. SPARQL Endpoint's HTML based Query Editor URL:
    http://goo.gl/U5WW9 .

    

    Repeating this exercise using the same blogspot.com hosted blog, but
    this time using RDFa for the embedded structured data island:

    

    1. SPARQL Protocol based Query Results URL: http://goo.gl/8Qv2j

    

    2. SPARQL Endpoint's HTML based Query Editor URL:
    http://goo.gl/Jud6y .

    

    Note re. examples above: you only need the "DEFINE get:soft
    "replace" pragam one time since this is how the HTTP GET is
    performed as per earlier comments re. SPARQL and FROM. 

    

    

    As you can see, we get the same effect using RDFa or Microdata based
    structured data islands within blogspot.com posts. 

    

    We don't need to extend a silly syntax war to WebID. Let's keep
    WebID in the conceptual realm. It components boil down to:

    

    1. structured data for representing claims that consist of EAV/SPO
    triples

    2. PKI -- which is driven by proof of key ownership

    3. specific trust logic -- which is based on "mirror claims" between
    an x.509 cert. and an Identity Provider space

    4. de-referencable URI used in the SAN of an x.509 cert. that
    resolves to an Identity Provider space that hosts the "mirrored
    claim" or the critical parts of it e.g., modulus + exponent and/or
    fingerprint and/or DER representation of the Certificate 

    5. relying agents or delegates being able use the URI in SAN as a
    WebID watermark by performing a lookup the "mirrored claim" by
    de-referencing the URI(s) in SAN.

    

    AWWW allows all of this to happen without RDF or SPARQL specificity.
    Same applies to representation of the "mirrored claims" as RDFa,
    Microdata, RDF/XML, other EAV/SPO based directed graph based
    representations of said claims.

    

    AWWW is about openness. It isn't about myopia. Let's not compromise
    the underlying design that makes this all possible. 

    

    WebID should be a politics free zone. Introduce politics and it will
    die an unnecessary death, by stagnation.

    

    

    I want WebID adopted at massive scales. I am not interested in a toy
    research project. 

    
      

      
      Henry
      

      
      

      
        
            
                
                    
                        
                                  Social Web Architect

                                    http://bblfish.net/
                                
                      
                  
              
          
      
      

    
    

    

    -- 

Regards,

Kingsley Idehen	      
Founder & CEO 
OpenLink Software     
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen




 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20111126/410438c1/attachment-0001.htm 


More information about the foaf-protocols mailing list